diff --git a/kubernetes/system/monitoring/base/ingress.yaml b/kubernetes/system/monitoring/base/ingress.yaml
index 2064645..a260a82 100644
--- a/kubernetes/system/monitoring/base/ingress.yaml
+++ b/kubernetes/system/monitoring/base/ingress.yaml
@@ -8,6 +8,9 @@ metadata:
     cert-manager.io/cluster-issuer: letsencrypt-prod
     nginx.ingress.kubernetes.io/auth-url: "https://oauth2.ninebasetwo.net/oauth2/auth"
     nginx.ingress.kubernetes.io/auth-signin: "https://oauth2.ninebasetwo.net/oauth2/start?rd=$scheme://$host$request_uri"
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      auth_request_set $token $upstream_http_x_auth_request_access_token;
+      proxy_set_header X-Access-Token $token;
 spec:
   ingressClassName: nginx 
   rules:
diff --git a/kubernetes/system/oauth2-proxy/base/ingress.yaml b/kubernetes/system/oauth2-proxy/base/ingress.yaml
index e9b1614..3dc12aa 100644
--- a/kubernetes/system/oauth2-proxy/base/ingress.yaml
+++ b/kubernetes/system/oauth2-proxy/base/ingress.yaml
@@ -11,7 +11,7 @@ spec:
   - host: oauth2.ninebasetwo.net
     http:
       paths:
-      - path: /oauth2
+      - path: /
         pathType: Prefix
         backend:
           service:
diff --git a/kubernetes/system/oauth2-proxy/helm/values.yaml b/kubernetes/system/oauth2-proxy/helm/values.yaml
index 06625e5..740e0b0 100644
--- a/kubernetes/system/oauth2-proxy/helm/values.yaml
+++ b/kubernetes/system/oauth2-proxy/helm/values.yaml
@@ -52,6 +52,7 @@ config:
     cookie_domains = [ ".ninebasetwo.net" ]
     cookie_secure = true
     redirect_url = "https://oauth2.ninebasetwo.net/oauth2/callback"
+    proxy_prefix = "/oauth2"
   # Custom configuration file: oauth2_proxy.cfg
   # configFile: |-
   #   pass_basic_auth = false