diff --git a/cmd/cache/main.go b/cmd/cache/main.go
index 37b7ec3649be62ed238aae448e17ad29ab88f6f6..c81842f9d285d0738bc99486eb6fdc49552a8cea 100644
--- a/cmd/cache/main.go
+++ b/cmd/cache/main.go
@@ -28,6 +28,7 @@ import (
 	"gitlab.com/gaia-x/data-infrastructure-federation-services/tsa/cache/internal/service"
 	"gitlab.com/gaia-x/data-infrastructure-federation-services/tsa/cache/internal/service/cache"
 	"gitlab.com/gaia-x/data-infrastructure-federation-services/tsa/cache/internal/service/health"
+	"gitlab.com/gaia-x/data-infrastructure-federation-services/tsa/golib/auth"
 	"gitlab.com/gaia-x/data-infrastructure-federation-services/tsa/golib/graceful"
 )
 
@@ -103,6 +104,15 @@ func main() {
 		openapiServer = goaopenapisrv.New(openapiEndpoints, mux, dec, enc, nil, errFormatter, nil, nil)
 	}
 
+	// Apply Authentication middleware if enabled
+	if cfg.Auth.Enabled {
+		m, err := auth.NewMiddleware(cfg.Auth.JwkURL, cfg.Auth.RefreshInterval, http.DefaultClient)
+		if err != nil {
+			log.Fatalf("failed to create authentication middleware: %v", err)
+		}
+		cacheServer.Use(m.Handler())
+	}
+
 	// Configure the mux.
 	goacachesrv.Mount(mux, cacheServer)
 	goahealthsrv.Mount(mux, healthServer)
diff --git a/internal/config/config.go b/internal/config/config.go
index 2cb86d4f93c708196dfedfc763a51bbc9f00fab9..3d7b2701fcc1e41d4d44db18b10fa34d555f1c3f 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -7,6 +7,7 @@ type Config struct {
 	Redis   redisConfig
 	Nats    natsConfig
 	Metrics metricsConfig
+	Auth    authConfig
 
 	LogLevel string `envconfig:"LOG_LEVEL" default:"INFO"`
 }
@@ -35,3 +36,9 @@ type natsConfig struct {
 type metricsConfig struct {
 	Addr string `envconfig:"METRICS_ADDR" default:":2112"`
 }
+
+type authConfig struct {
+	Enabled         bool          `envconfig:"AUTH_ENABLED" default:"true"`
+	JwkURL          string        `envconfig:"AUTH_JWK_URL"`
+	RefreshInterval time.Duration `envconfig:"AUTH_REFRESH_INTERVAL" default:"1h"`
+}