diff --git a/config.php b/config.php
index e7554ce..5608497 100644
--- a/config.php
+++ b/config.php
@@ -3,16 +3,20 @@
 define('IRMA_SERVER_URL', getenv('IRMA_SERVER_URL') ?: 'http://localhost:8088');
 define('API_TOKEN', getenv('API_TOKEN') ?: '');
 define('DEMO', false);
-define('JWT_ENABLED', true);
+define('JWT_ENABLED', getenv('JWT_ENABLED')?: false);
 
 if (DEMO) {
     define('ISSUER', 'irma-demo');
-    define('BASE_URL', 'http://localhost');
-    define('IRMATUBE_NEXT_SESSION_URL', BASE_URL . '/nl/get_session_request.php');
+    define('BASE_URL', 'http://localhost:8080'); 
+    define('IRMATUBE_NEXT_SESSION_URL', BASE_URL . '/get_session_request.php');
     define('IRMATUBE_CREDENTIAL', 'irma-demo.IRMATube.member');
 } else {
-    define('ISSUER', 'pbdf');
-    define('BASE_URL', 'https://privacybydesign.foundation');
-    define('IRMATUBE_NEXT_SESSION_URL', BASE_URL . '/demo/get_session_request.php');
-    define('IRMATUBE_CREDENTIAL', 'pbdf.pbdf.irmatube');
+    define('ISSUER',getenv('ISSUER') ?: 'pbdf');
+    define('BASE_URL', getenv('BASE_URL') ?: 'https://privacybydesign.foundation');
+    define('IRMATUBE_NEXT_SESSION_URL',getenv('IRMATUBE_NEXT_SESSION_URL') ?: BASE_URL . '/get_session_request.php');
+    define('IRMATUBE_CREDENTIAL',  getenv('IRMATUBE_CREDENTIAL') ?: 'pbdf.pbdf.irmatube');
 }
+
+if (JWT_ENABLED) {
+    define('IRMA_SERVER_PUBLICKEY',getenv('IRMA_SERVER_PUBLICKEY') ?: __DIR__ . '/../data/pk.pem');
+}
\ No newline at end of file
diff --git a/get_session_request.php b/get_session_request.php
index 4ba097b..616b4ea 100644
--- a/get_session_request.php
+++ b/get_session_request.php
@@ -8,7 +8,7 @@
 function get_session_request($contents)
 {
     if (JWT_ENABLED) {
-        $jwt_pk = file_get_contents(IRMA_SERVER_URL . './publickey');
+        $jwt_pk = file_get_contents(IRMA_SERVER_PUBLICKEY);
         try {
             $decoded = JWT::decode($contents, new Key($jwt_pk, 'RS256'));
         } catch (Exception $e) {