diff --git a/.claude/settings.local.json b/.claude/settings.local.json
index 85c3599..c76a4e2 100644
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@@ -35,7 +35,8 @@
       "Bash(ss:*)",
       "Bash(lsof:*)",
       "Bash(dotnet run:*)",
-      "Bash(dotnet user-secrets:*)"
+      "Bash(dotnet user-secrets:*)",
+      "Bash(xargs grep:*)"
     ]
   },
   "enableAllProjectMcpServers": false
diff --git a/src/BCards.Web/Program.cs b/src/BCards.Web/Program.cs
index d490012..22ba835 100644
--- a/src/BCards.Web/Program.cs
+++ b/src/BCards.Web/Program.cs
@@ -626,7 +626,7 @@ app.Use(async (context, next) =>
               "frame-src 'self' https://accounts.google.com https://login.microsoftonline.com; " +
               "object-src 'none'; " +
               "base-uri 'self'; " +
-              "form-action 'self'";
+              "form-action 'self' https://accounts.google.com https://login.microsoftonline.com";
     context.Response.Headers.Append("Content-Security-Policy", csp);
 
     // Load balancer e debugging headers
diff --git a/src/BCards.Web/appsettings.json b/src/BCards.Web/appsettings.json
index d34124e..b9df020 100644
--- a/src/BCards.Web/appsettings.json
+++ b/src/BCards.Web/appsettings.json
@@ -147,7 +147,7 @@
     },
     "Microsoft": {
       "ClientId": "b411606a-e574-4f59-b7cd-10dd941b9fa3",
-      "ClientSecret": ".v88Q~2UIFu926J9lETzY_dY16Wqxo0QvYECjdvx"
+      "ClientSecret": "bff10c42-f1e5-487b-bacb-16b1b691aa7d"
     }
   },
   "Moderation": {