diff --git a/azure-cron/add_to_running_db.sh b/azure-cron/add_to_running_db.sh
index be3965aa..b25d9114 100755
--- a/azure-cron/add_to_running_db.sh
+++ b/azure-cron/add_to_running_db.sh
@@ -4,3 +4,6 @@ ls -- *.pem | gsed 's/\.pem//gi' \ | xargs -J{} sh -c 'pem_string=$(cat -- {}.pem);\ curl -k -vvv -X PUT http://admin:couchdb@localhost:5984/_node/_local/_config/jwt_keys/rsa:{} -d "$pem_string"' # | xargs -I {} sh -c 'curl -k -v -X PUT http://admin:couchdb@localhost:5984/_node/_local/_config/jwt_keys/rsa:{} -d <> /etc/environment +echo 'start of configuration jwt_keys update'; -# execute CMD -echo "$@" -exec "$@" +if [ -z "$VUE_APP_AUTH_TENANT_ID" ]; then + echo "VUE_APP_AUTH_TENANT_ID is not set"; + exit 1; +fi +if [ -z "$COUCHDB_USER" ]; then + echo "COUCHDB_USER is not set"; + exit 1; +fi +if [ -z "$COUCHDB_PASSWORD" ]; then + echo "COUCHDB_PASSWORD is not set"; + exit 1; +fi + +if [ -z "$COUCHDB_HOST" ]; then + echo "COUCHDB_HOST is not set"; + exit 1; +fi + +echo "run apk update and install openssl, sed, curl, jq"; +apk update; +apk add openssl; +apk add --update sed; +apk add curl; +apk add jq; +# have tenand-id in env +# get json from https://login.microsoftonline.com//discovery/v2.0/keys + +temp_file=$(mktemp) +keys_json_url="https://login.microsoftonline.com/$VUE_APP_AUTH_TENANT_ID/discovery/v2.0/keys" + +wget -O ${temp_file} $keys_json_url +cat /${temp_file} | python3 -c 'import sys, json; keys = json.load(sys.stdin)["keys"]; [print(i["kid"], i["x5c"][0]) for i in keys]' | awk '{ print "-----BEGIN CERTIFICATE-----\n" $2 "\n" "-----END CERTIFICATE-----\n"> ($1 ".cer") }' + +for file in $(find . 
-name "*.cer"); do + outputFile=${file%.cer}.pem + echo ${file} + openssl x509 -pubkey -noout -in ${file} >${outputFile} || rm ${outputFile} +done + +result=$(echo "{" +ls -- *.pem | sed 's/\.pem//gi' \ +| xargs -I {} sh -c 'echo "\"rsa:{}\": \"$(cat -- {}.pem)" ' \ +| sed -z 's/\n/\\\\n/g' \ +| sed 's/END PUBLIC KEY-----\\\\n/END PUBLIC KEY-----\\\\n\",\n/g'\ +| sed 's/END CERTIFICATE-----\\\\n/END CERTIFICATE-----\\\\n\",\n/g' +echo "}" +) + + +echo "${result}" >> jwt_keys.json + +sed -zi 's/,\n}/\n}/g' jwt_keys.json + +for key in $(jq -r 'keys[]' jwt_keys.json); do + echo "BEGIN------------------------" + value=$(jq ".[\"$key\"]" jwt_keys.json | sed 's/"//gi') + echo "key: $key" + echo "value: \"${value}\"" + curl -k -vvv -X PUT "http://${COUCHDB_USER}:${COUCHDB_PASSWORD}@${COUCHDB_HOST}:5984/_node/_local/_config/jwt_keys/${key}" -d "\"${value}\"" + echo "-----------------------END" +done + +rm jwt_keys.json + +# reload configuration +# POST /_node/nonode@nohost/_config/_reload +curl -X POST "http://${COUCHDB_USER}:${COUCHDB_PASSWORD}@${COUCHDB_HOST}:5984/_node/_local/_config/refresh" + +echo "end of configuration jwt_keys update"; diff --git a/azure-cron/jwt_keys.ini b/azure-cron/jwt_keys.ini new file mode 100644 index 00000000..324e745e --- /dev/null +++ b/azure-cron/jwt_keys.ini 
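Review bot: The upload loop's `curl -k -vvv -X PUT "http://${COUCHDB_USER}:${COUCHDB_PASSWORD}@${COUCHDB_HOST}:5984/..."` writes the admin credential into the container log (`-vvv` prints the outgoing `Authorization: Basic …` header to stderr) and also exposes it on curl's argv via the URL while the request runs; the final `_config/refresh` call has the same URL form. Drop the verbosity and keep the secret off the command line, e.g. `printf 'user = "%s:%s"\n' "$COUCHDB_USER" "$COUCHDB_PASSWORD" | curl -sS --fail -K - -X PUT "http://${COUCHDB_HOST}:5984/_node/_local/_config/jwt_keys/${key}" -d "\"${value}\""` (`-k` does nothing on plain http and can go too). Separately, `wget -O ${temp_file} $keys_json_url` has no exit-status check and `for file in $(find . -name "*.cer")`, `echo ${file}` and `-in ${file} >${outputFile}` are unquoted, so a failed JWKS download silently yields an empty key set yet still reaches the refresh call — `wget -O "$temp_file" "$keys_json_url" || exit 1` plus quoted expansions would close that. Keys that have left the JWKS are never removed from CouchDB, and `$temp_file` and the generated `.cer`/`.pem` files are left behind after `rm jwt_keys.json`. The old `/etc/environment` and `exec "$@"` lines belong to a different script than `add_to_running_db.sh`, so this file's diff header appears to have been lost in the page layout and the hunk's start is inferred.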
@@ -0,0 +1,6 @@
+; https://login.microsoftonline.com//discovery/v2.0/keys
+; In format rsa: = -----BEGIN PUBLIC KEY-----\n\n-----END PUBLIC KEY-----\n
+; can be get by "x509 -pubkey -noout -in cert.cer" where cert.cer is "-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----"
+; See /azure/convert.sh
+rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIL3aZt+xVqOZgMOr71\nltWe9YY2Wf/B28C4Jl2nBSTEcFnf/eqOHZ8yzUBbLc4Nti2/ETcCsTUNuzS368BW\nkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw/tBb9mvdQVgVs4Ci0dVJRYiz\n+ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2tr\nEP8960an33dDEaWwVAHh3c/34meAO4R6kLzIq0JnSsZMYB9O/6bMyIlzxmdZ8F44\n2SynCUHxhnIh3yZew+xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl+H7YF5R\ngQIDAQAB\n-----END PUBLIC KEY-----\n
+rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV8eXna9NCyzvgVZvbz1\n8NhLIAfo1Qzn+VQQCbQzyGi2KDe3RI2sLeHltv9mVI2sahcRjgvhYNSETyxqHaKw\n3w8L4jg0kJdfzhD8dvpl32hunOCzuY2WpyJVq6CkxzGN4iikWTEIe/GMGsu9qhdx\nybaTCBTAya8qyKL1sbEByk8FiY6nsm6BhuRUVCh/rzfAp3HY+U/58ORLF1tmZrmS\nljHMFwlxvYuOIlKHacXy9gen8HsT7PUSA4n2PdnT1XAmlKJG1mzvdqyG2L3iRQJ4\n5tcmrERKcd1pYwhb7ZtTyKypkeR9lkKbaYiQUt1QhpeO12pH1bRB1/k9MMzOm8Ca\n1QIDAQAB\n-----END PUBLIC KEY-----\n
diff --git a/couchdb/local.ini b/couchdb/local.ini
index be18df22..b79ad771 100644
--- a/couchdb/local.ini
+++ b/couchdb/local.ini
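Review bot: The header comment `; https://login.microsoftonline.com//discovery/v2.0/keys` has an empty tenant segment between the two slashes, and `; In format rsa: = -----BEGIN PUBLIC KEY-----\n\n-----END PUBLIC KEY-----\n` is missing the kid and the key body — both read as if a `<tenant-id>`/`<kid>` placeholder was dropped, so spell them out as plain words, e.g. `; https://login.microsoftonline.com/TENANT_ID/discovery/v2.0/keys` and `; format: rsa:KID = -----BEGIN PUBLIC KEY-----\nBASE64\n-----END PUBLIC KEY-----\n`. `; See /azure/convert.sh` points outside this file's `azure-cron/` directory and no such script is visible in this diff, so confirm the path. Nothing visible in this diff mounts or reads `jwt_keys.ini` (the compose change mounts `couchdb/local.ini` and the entrypoint pushes keys through the config API), so a one-line comment naming its intended consumer would help the next reader.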
@@ -24,8 +24,12 @@ debug = true ; https://docs.couchdb.org/en/stable/api/server/authn.html#jwt-authentication [jwt_keys] -rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIL3aZt+xVqOZgMOr71\nltWe9YY2Wf/B28C4Jl2nBSTEcFnf/eqOHZ8yzUBbLc4Nti2/ETcCsTUNuzS368BW\nkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw/tBb9mvdQVgVs4Ci0dVJRYiz\n+ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2tr\nEP8960an33dDEaWwVAHh3c/34meAO4R6kLzIq0JnSsZMYB9O/6bMyIlzxmdZ8F44\n2SynCUHxhnIh3yZew+xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl+H7YF5R\ngQIDAQAB\n-----END PUBLIC KEY-----\n -rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV8eXna9NCyzvgVZvbz1\n8NhLIAfo1Qzn+VQQCbQzyGi2KDe3RI2sLeHltv9mVI2sahcRjgvhYNSETyxqHaKw\n3w8L4jg0kJdfzhD8dvpl32hunOCzuY2WpyJVq6CkxzGN4iikWTEIe/GMGsu9qhdx\nybaTCBTAya8qyKL1sbEByk8FiY6nsm6BhuRUVCh/rzfAp3HY+U/58ORLF1tmZrmS\nljHMFwlxvYuOIlKHacXy9gen8HsT7PUSA4n2PdnT1XAmlKJG1mzvdqyG2L3iRQJ4\n5tcmrERKcd1pYwhb7ZtTyKypkeR9lkKbaYiQUt1QhpeO12pH1bRB1/k9MMzOm8Ca\n1QIDAQAB\n-----END PUBLIC KEY-----\n +; https://login.microsoftonline.com//discovery/v2.0/keys +; In format rsa: = -----BEGIN PUBLIC KEY-----\n\n-----END PUBLIC KEY-----\n +; can be get by "x509 -pubkey -noout -in cert.cer" where cert.cer is "-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----" +; See /azure/convert.sh +rsa:rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRIL3aZt+xVqOZgMOr71\nltWe9YY2Wf/B28C4Jl2nBSTEcFnf/eqOHZ8yzUBbLc4Nti2/ETcCsTUNuzS368BW\nkSgxc45JBH1wFSoWNFUSXaPt8mRwJYTF0H32iNhw/tBb9mvdQVgVs4Ci0dVJRYiz\n+ilk3PeO8wzlwRuwWIsaKFYlMyOKG9DVFbg93DmP5Tjq3C3oJlATyhAiJJc1T2tr\nEP8960an33dDEaWwVAHh3c/34meAO4R6kLzIq0JnSsZMYB9O/6bMyIlzxmdZ8F44\n2SynCUHxhnIh3yZew+xDdeHr6Ofl7KeVUcvSiZP9X44CaVJvknXQbBYNl+H7YF5R\ngQIDAQAB\n-----END PUBLIC KEY-----\n +rsa:rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = -----BEGIN PUBLIC 
KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV8eXna9NCyzvgVZvbz1\n8NhLIAfo1Qzn+VQQCbQzyGi2KDe3RI2sLeHltv9mVI2sahcRjgvhYNSETyxqHaKw\n3w8L4jg0kJdfzhD8dvpl32hunOCzuY2WpyJVq6CkxzGN4iikWTEIe/GMGsu9qhdx\nybaTCBTAya8qyKL1sbEByk8FiY6nsm6BhuRUVCh/rzfAp3HY+U/58ORLF1tmZrmS\nljHMFwlxvYuOIlKHacXy9gen8HsT7PUSA4n2PdnT1XAmlKJG1mzvdqyG2L3iRQJ4\n5tcmrERKcd1pYwhb7ZtTyKypkeR9lkKbaYiQUt1QhpeO12pH1bRB1/k9MMzOm8Ca\n1QIDAQAB\n-----END PUBLIC KEY-----\n [admins] -admin = -pbkdf2-c597a22d78e26330c4e9ea3a194e5c95ea62869a,5cf4be6e5a075c37f7f57e1f66fb07a5,10 +admin = -pbkdf2-f72cf233302dffc8c0b53b9c4fb65ed7d6c93064,8afa4f826b045b608fdd2be29c17484a,10 diff --git a/docker-compose.yml b/docker-compose.yml index f2da19ea..010dcff0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -58,6 +58,18 @@ services: depends_on: - couchdb - reverse-proxy + cron_couchdb: + image: python:3.12-alpine + command: /entrypoint.sh + env_file: + - ./frontend/.env + environment: + - COUCHDB_USER=${COUCHDB_USER} + - COUCHDB_PASSWORD=${COUCHDB_PASSWORD} + - COUCHDB_HOST=couchdb + volumes: + - ./azure-cron/entrypoint.sh:/entrypoint.sh + - ./couchdb/local.ini:/local.ini init_couchdb: image: python:3.12-alpine command: /entrypoint.sh
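Review bot: The two re-added `[jwt_keys]` entries carry a doubled prefix, `rsa:rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = …` and `rsa:rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = …`, while the removed lines, the new `azure-cron/jwt_keys.ini` and the entrypoint's `"rsa:{}"` key names all use a single `rsa:`. As I read CouchDB's jwt_keys format the config key is `{alg}:{kid}`, so the kid part becomes `rsa:XRvko…` and will not match the `kid` carried in an Azure AD token; unless the doubled prefix is deliberate (a way of parking the static entries now that the cron service pushes keys), change them back to `rsa:XRvko8P7A3UaWSnU7bM9nT0MjhA = …` and `rsa:qor_VePWgmxWy3r1dpfsWsw2-zY = …`. The hunk header counts 8/12 lines but fewer are visible here, so some blank lines appear to have been lost in the page layout.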
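Review bot: The new `cron_couchdb` service declares no `depends_on: - couchdb`, although its `/entrypoint.sh` PUTs to `${COUCHDB_HOST}:5984` with no retry, and despite the name nothing visible here schedules it — compose starts the container once, so unless a restart policy or an in-script loop exists outside this diff, the keys are refreshed only at `docker compose up`. Add the dependency (the service just above in the hunk already declares `depends_on: - couchdb`) and decide how re-runs are triggered. `env_file: - ./frontend/.env` hands the whole frontend environment to this container when the entrypoint only reads `VUE_APP_AUTH_TENANT_ID` (presumably from that file — confirm); passing that one variable under `environment:` keeps the surface smaller. The `./couchdb/local.ini:/local.ini` mount is not read by anything in the entrypoint hunk, so it looks like a leftover; if it stays, mount it `:ro`.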