diff --git a/Deployment/nginx.conf b/Deployment/nginx.conf
index 687bd16a8..1276b475c 100644
--- a/Deployment/nginx.conf
+++ b/Deployment/nginx.conf
@@ -1,45 +1,49 @@
 worker_processes 1;
 events { worker_connections 1024; }
-        http {
+http {
         sendfile on;
-                upstream docker-wallet {
-        server wallet:8091;
-}
+        upstream docker-wallet {
+            server wallet:8091;
+        }
         upstream docker-auth {
-        server auth:8083;
-}
+            server auth:8083;
+        }
         upstream docker-matching-gateway {
-        server matching-gateway:8093;
-}
+            server matching-gateway:8093;
+        }
         upstream docker-api {
-        server api:8094;
-}
+            server api:8094;
+        }
 
         proxy_set_header   Host $host;
-                proxy_set_header   X-Real-IP $remote_addr;
-                proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header   X-Forwarded-Host $server_name;
 
         server {
-        server_name api.opex.dev;
+            server_name api.opex.dev;
 
-                location /auth {
-        proxy_pass http://docker-auth;
-}
+            location /auth {
+                proxy_pass http://docker-auth;
+            }
 
-        location /wallet {
-        proxy_pass http://docker-wallet;
+            location /wallet/transfer {
+                return  403;
+            }
+
+            location /wallet {
+                proxy_pass http://docker-wallet;
                 rewrite ^/wallet(.*)$ $1 break;
-}
+            }
 
-        location /gateway {
-        proxy_pass http://docker-matching-gateway;
+            location /gateway {
+                proxy_pass http://docker-matching-gateway;
                 rewrite ^/gateway(.*)$ $1 break;
-}
+            }
 
-        location /api {
-        proxy_pass http://docker-api;
+            location /api {
+                proxy_pass http://docker-api;
                 rewrite ^/api(.*)$ $1 break;
-}
-}
+            }
+        }
 }
\ No newline at end of file
diff --git a/Wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/config/SecurityConfig.kt b/Wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/config/SecurityConfig.kt
index 0153ee983..f58311d56 100644
--- a/Wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/config/SecurityConfig.kt
+++ b/Wallet/wallet-app/src/main/kotlin/co/nilin/opex/wallet/app/config/SecurityConfig.kt
@@ -36,6 +36,7 @@ class SecurityConfig(private val webClient: WebClient) {
                     AuthorizationDecision(granted)
                 }
             }
+            .pathMatchers("/**").permitAll()
             .anyExchange().authenticated()
             .and()
             .oauth2ResourceServer()