diff --git a/src/pages/auth/LoginPage.tsx b/src/pages/auth/LoginPage.tsx
index 7def5f2..d6c8905 100644
--- a/src/pages/auth/LoginPage.tsx
+++ b/src/pages/auth/LoginPage.tsx
@@ -24,10 +24,7 @@ import {
 import { AddPasskeyWizard } from "@/components/security/AddPasskeyWizard";
 import { TotpEnrollmentWizard } from "@/components/security/TotpEnrollmentWizard";
 import { OAuthProvider } from "@/lib/oauth";
-
-type LoginStep = 'credentials' | 'totp' | 'webauthn' | 'passkey-email' | 'mfa-enrollment' | 'mfa';
-
-const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
+import { config } from "@/config";
 
 /**
  * Complete an OIDC authorization flow after the user has authenticated.
@@ -35,7 +32,7 @@ const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/
  * the auth code and returns the redirect URL for the calling application.
  */
 async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
-  const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
+  const res = await fetch(`${config.api.baseUrl}/oidc/complete`, {
     method: 'POST',
     headers: { 'Content-Type': 'application/json' },
     body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
diff --git a/src/pages/auth/OAuthCallbackPage.tsx b/src/pages/auth/OAuthCallbackPage.tsx
index 3f9acad..d270dfe 100644
--- a/src/pages/auth/OAuthCallbackPage.tsx
+++ b/src/pages/auth/OAuthCallbackPage.tsx
@@ -6,13 +6,12 @@ import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/com
 import { useAuth } from "@/contexts/AuthContext";
 import { tokenManager } from "@/lib/api";
 import { useToast } from "@/hooks/use-toast";
+import { config } from "@/config";
 
 type CallbackState = 'loading' | 'success' | 'error';
 
-const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1') as string;
-
 async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
-  const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
+  const res = await fetch(`${config.api.baseUrl}/oidc/complete`, {
     method: 'POST',
     headers: { 'Content-Type': 'application/json' },
     body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
diff --git a/src/pages/auth/OIDCConsentPage.tsx b/src/pages/auth/OIDCConsentPage.tsx
index b478950..45dca05 100644
--- a/src/pages/auth/OIDCConsentPage.tsx
+++ b/src/pages/auth/OIDCConsentPage.tsx
@@ -5,8 +5,7 @@ import { Button } from "@/components/ui/button";
 import { Card } from "@/components/ui/card";
 import { Separator } from "@/components/ui/separator";
 import { tokenManager } from "@/lib/api";
-
-const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
+import { config } from "@/config";
 
 const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
   openid: { icon: Shield, label: "OpenID", description: "Verify your identity" },
@@ -40,7 +39,7 @@ export default function OIDCConsentPage() {
 
     (async () => {
       try {
-        const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
+        const res = await fetch(`${config.api.baseUrl}/oidc/begin`, {
           method: "POST",
           headers: { "Content-Type": "application/json" },
           body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -66,7 +65,7 @@ export default function OIDCConsentPage() {
         navigate(`/login?oidc_session_id=${context.oidc_session_id}`);
         return;
       }
-      const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
+      const res = await fetch(`${config.api.baseUrl}/oidc/complete`, {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         body: JSON.stringify({ oidc_session_id: context.oidc_session_id, token }),
diff --git a/src/pages/auth/OIDCLoginPage.tsx b/src/pages/auth/OIDCLoginPage.tsx
index 5a34e12..7a310e2 100644
--- a/src/pages/auth/OIDCLoginPage.tsx
+++ b/src/pages/auth/OIDCLoginPage.tsx
@@ -35,9 +35,7 @@ import { Separator } from "@/components/ui/separator";
 import { Badge } from "@/components/ui/badge";
 import { useAuth } from "@/contexts/AuthContext";
 import { ApiError, tokenManager } from "@/lib/api";
-
-// ── Configuration ─────────────────────────────────────────────────────────────
-const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1";
+import { config } from "@/config";
 
 // ── Scope display metadata ────────────────────────────────────────────────────
 const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
@@ -61,7 +59,7 @@ type PageStep = "loading" | "login" | "consent" | "error";
 
 // ── API helpers ───────────────────────────────────────────────────────────────
 async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
-  const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
+  const res = await fetch(`${config.api.baseUrl}/oidc/begin`, {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -74,7 +72,7 @@ async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
 }
 
 async function completeOIDCFlow(oidcSessionId: string, token: string): Promise<string> {
-  const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
+  const res = await fetch(`${config.api.baseUrl}/oidc/complete`, {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),