diff --git a/Backend/GestionIntegral.Api/Program.cs b/Backend/GestionIntegral.Api/Program.cs
index e9f77fa..36e2402 100644
--- a/Backend/GestionIntegral.Api/Program.cs
+++ b/Backend/GestionIntegral.Api/Program.cs
@@ -95,7 +95,7 @@ builder.Services.AddScoped<IReportesService, ReportesService>();
 
 // --- Configuración de Autenticación JWT ---
 var jwtSettings = builder.Configuration.GetSection("Jwt");
-var jwtKey = jwtSettings["Key"] ?? throw new ArgumentNullException("Jwt:Key", "JWT Key not configured in appsettings");
+var jwtKey = builder.Configuration["JWT_KEY"] ?? jwtSettings["Key"] ?? throw new ArgumentNullException("Jwt:Key", "JWT Key not configured");
 var keyBytes = Encoding.ASCII.GetBytes(jwtKey);
 
 builder.Services.AddAuthentication(options =>
@@ -129,13 +129,14 @@ var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
 builder.Services.AddCors(options =>
 {
     options.AddPolicy(name: MyAllowSpecificOrigins,
-                      policy  =>
+                      policy =>
                       {
-                          policy.WithOrigins("http://localhost:5173") // URL Frontend React
-                                .AllowAnyHeader()
-                                .AllowAnyMethod();
-                          // Para pruebas más permisivas (NO USAR EN PRODUCCIÓN):
-                          // policy.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod();
+                          policy.WithOrigins(
+                              "http://localhost:5173", // Para desarrollo local
+                              "http://192.168.4.128:8080"  // Para producción
+                          ) 
+                          .AllowAnyHeader()
+                          .AllowAnyMethod();
                       });
 });
 // --- Fin CORS ---