diff --git a/squashkiwi-streaming/config/docker-compose.yml b/squashkiwi-streaming/config/docker-compose.yml
index 4f70179..f6d7c38 100644
--- a/squashkiwi-streaming/config/docker-compose.yml
+++ b/squashkiwi-streaming/config/docker-compose.yml
@@ -26,11 +26,11 @@ services:
       MTX_PATHS_COURT_SOURCEPROTOCOL: tcp
       # Force all paths to start immediately
       MTX_PATHDEFAULTS_SOURCEONDEMAND: "no"
-      # Disable all authentication
-      MTX_PATHDEFAULTS_PUBLISHUSER: ""
-      MTX_PATHDEFAULTS_PUBLISHPASS: ""
-      MTX_PATHDEFAULTS_READUSER: ""
-      MTX_PATHDEFAULTS_READPASS: ""
+      # Authentication disabled for testing
+      # MTX_PATHDEFAULTS_PUBLISHUSER: ${MEDIAMTX_USER}
+      # MTX_PATHDEFAULTS_PUBLISHPASS: ${MEDIAMTX_PASS}
+      # MTX_PATHDEFAULTS_READUSER: ${MEDIAMTX_USER}
+      # MTX_PATHDEFAULTS_READPASS: ${MEDIAMTX_PASS}
     healthcheck:
       test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:9997/v2/paths/list"]
       interval: 30s
diff --git a/squashkiwi-streaming/config/mediamtx.yml b/squashkiwi-streaming/config/mediamtx.yml
index cef9ae5..683d7dc 100644
--- a/squashkiwi-streaming/config/mediamtx.yml
+++ b/squashkiwi-streaming/config/mediamtx.yml
@@ -34,11 +34,11 @@ webrtcAllowOrigin: '*'
 
 # Path defaults
 pathDefaults:
-  # Disable authentication
-  readUser:
-  readPass:
-  publishUser:
-  publishPass:
+  # Authentication disabled for testing
+  # readUser: stream
+  # readPass: squashkiwi
+  # publishUser: stream
+  # publishPass: squashkiwi
 
 # Path Configuration
 paths:
diff --git a/squashkiwi-streaming/config/nginx.conf b/squashkiwi-streaming/config/nginx.conf
index 8603159..5b5d336 100644
--- a/squashkiwi-streaming/config/nginx.conf
+++ b/squashkiwi-streaming/config/nginx.conf
@@ -40,10 +40,13 @@ http {
             proxy_pass http://[::1]:8888/;
             proxy_http_version 1.1;
             
+            # Forward authentication headers
+            proxy_set_header Authorization $http_authorization;
+            
             # CORS headers
             add_header Access-Control-Allow-Origin *;
             add_header Access-Control-Allow-Methods "GET, OPTIONS";
-            add_header Access-Control-Allow-Headers "Range";
+            add_header Access-Control-Allow-Headers "Range, Authorization";
             
             # Cache HLS segments
             proxy_cache hls_cache;
@@ -74,6 +77,7 @@ http {
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header Authorization $http_authorization;
             
             proxy_buffering off;
             proxy_request_buffering off;
diff --git a/squashkiwi-streaming/install.sh b/squashkiwi-streaming/install.sh
index e6e964c..c9f02a1 100755
--- a/squashkiwi-streaming/install.sh
+++ b/squashkiwi-streaming/install.sh
@@ -33,6 +33,8 @@ RECORDINGS_FOLDER=${RECORDINGS_FOLDER}
 MTX_PATHS_COURT_SOURCE=rtsp://${CAMERA_USER}:${CAMERA_PASSWORD}@${CAMERA_IP}:${CAMERA_RTSP_PORT}/cam/realmonitor?channel=1&subtype=0
 MTX_PATHS_COURT_MAIN_SOURCE=rtsp://${CAMERA_USER}:${CAMERA_PASSWORD}@${CAMERA_IP}:${CAMERA_RTSP_PORT}/cam/realmonitor?channel=1&subtype=0
 MTX_PATHS_COURT_SUB_SOURCE=rtsp://${CAMERA_USER}:${CAMERA_PASSWORD}@${CAMERA_IP}:${CAMERA_RTSP_PORT}/cam/realmonitor?channel=1&subtype=1
+MEDIAMTX_USER=${MEDIAMTX_USER}
+MEDIAMTX_PASS=${MEDIAMTX_PASS}
 SQUASHKIWI_API=${SQUASHKIWI_API}
 COURT_ID=${COURT_ID}
 IDLE_TIMEOUT=${IDLE_TIMEOUT}