diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
index 1f5f408..111ffab 100644
--- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
@@ -1,8 +1,10 @@
 package io.bluemoon.authorizationserver.config;
 
 import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
+import org.springframework.boot.autoconfigure.security.SecurityProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -11,6 +13,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 
 @Configuration
+@Order(SecurityProperties.BASIC_AUTH_ORDER - 6)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     private CustomUserDetailsServiceImpl customUserDetailsService;