diff --git a/README.md b/README.md
index a0f6cbc..1511132 100644
--- a/README.md
+++ b/README.md
@@ -172,6 +172,9 @@ Below is the complete list of parameters that can be set using environment varia
 - **REDIS_SERVER_PORT**:  The Redis server port number.
 - **NGINX_WORKER_PROCESSES**: Defines the number of nginx worker processes.
 - **NGINX_WORKER_CONNECTIONS**: Sets the maximum number of simultaneous connections that can be opened by a nginx worker process.
+- **JWT_ENABLED**: Specifies the enabling the JSON Web Token validation by the ONLYOFFICE Document Server. Defaults to `false`.
+- **JWT_SECRET**: Defines the secret key to validate the JSON Web Token in the request to the ONLYOFFICE Document Server. Defaults to `secret`.
+- **JWT_HEADER**: Defines the http header that will be used to send the JSON Web Token. Defaults to `Authorization`.
 
 ## Installing ONLYOFFICE Document Server integrated with Community and Mail Servers
 
diff --git a/run-document-server.sh b/run-document-server.sh
index 7a7c9c1..5763d70 100755
--- a/run-document-server.sh
+++ b/run-document-server.sh
@@ -28,11 +28,17 @@ NGINX_CONFIG_PATH="/etc/nginx/nginx.conf"
 NGINX_WORKER_PROCESSES=${NGINX_WORKER_PROCESSES:-$(grep processor /proc/cpuinfo | wc -l)}
 NGINX_WORKER_CONNECTIONS=${NGINX_WORKER_CONNECTIONS:-$(ulimit -n)}
 
+JWT_ENABLED=${JWT_ENABLED:-false}
+JWT_SECRET=${JWT_SECRET:-secret}
+JWT_HEADER=${JWT_HEADER:-Authorization}
+
 ONLYOFFICE_DEFAULT_CONFIG=${CONF_DIR}/default.json
 ONLYOFFICE_LOG4JS_CONFIG=${CONF_DIR}/log4js/production.json
+ONLYOFFICE_EXAMPLE_CONFIG=${CONF_DIR}-example/default.json
 
 JSON="json -q -f ${ONLYOFFICE_DEFAULT_CONFIG}"
 JSON_LOG="json -q -f ${ONLYOFFICE_LOG4JS_CONFIG}"
+JSON_EXAMPLE="json -q -f ${ONLYOFFICE_EXAMPLE_CONFIG}"
 
 LOCAL_SERVICES=()
 
@@ -136,6 +142,27 @@ update_redis_settings(){
   ${JSON} -I -e "this.services.CoAuthoring.redis.port = '${REDIS_SERVER_PORT}'"
 }
 
+update_jwt_settings(){
+  if [ "${JWT_ENABLED}" == "true" ]; then
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.browser = '${JWT_ENABLED}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.inbox = '${JWT_ENABLED}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.enable.request.outbox = '${JWT_ENABLED}'"
+
+    ${JSON} -I -e "this.services.CoAuthoring.secret.inbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.outbox.string = '${JWT_SECRET}'"
+    ${JSON} -I -e "this.services.CoAuthoring.secret.session.string = '${JWT_SECRET}'"
+
+    ${JSON} -I -e "this.services.CoAuthoring.token.inbox.header = '${JWT_HEADER}'"
+    ${JSON} -I -e "this.services.CoAuthoring.token.outbox.header = '${JWT_HEADER}'"
+
+    if [ -f "${ONLYOFFICE_EXAMPLE_CONFIG}" ]; then
+      ${JSON_EXAMPLE} -I -e "this.server.token.enable = '${JWT_ENABLED}'"
+      ${JSON_EXAMPLE} -I -e "this.server.token.secret = '${JWT_SECRET}'"
+      ${JSON_EXAMPLE} -I -e "this.server.token.authorizationHeader = '${JWT_HEADER}'"
+    fi
+  fi
+}
+
 create_postgresql_cluster(){
   local pg_conf_dir=/etc/postgresql/${PG_VERSION}/${PG_NAME}
   local postgresql_conf=$pg_conf_dir/postgresql.conf
@@ -235,6 +262,8 @@ if [ ${ONLYOFFICE_DATA_CONTAINER_HOST} = "localhost" ]; then
 
   update_log_settings
 
+  update_jwt_settings
+
   # update settings by env variables
   if [ ${POSTGRESQL_SERVER_HOST} != "localhost" ]; then
     update_postgresql_settings