diff --git a/Dockerfile b/Dockerfile
index ec6319085d4fc335c787adff566231eb10a5028a..44e37147bb0347c9ffe62b47218a12603dc37f48 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,5 +24,5 @@ COPY --from=build /app/target/*.jar app.jar
 EXPOSE 8080
 
 # Run the application
-CMD ["java", "-jar", "app.jar", "-DAPI_URL=\"https://api.sparesti.org\""]
+CMD ["java", "-DAPI_URL=https://api.sparesti.org", "-jar", "app.jar"]
 
diff --git a/src/main/java/no/ntnu/idi/stud/savingsapp/security/SecurityConfig.java b/src/main/java/no/ntnu/idi/stud/savingsapp/security/SecurityConfig.java
index 4d575bb34697c990a8c3fcae19afc25f7a50af4b..b1ff0788d0a9c354aee93c91b76b70fdcd6bfa20 100644
--- a/src/main/java/no/ntnu/idi/stud/savingsapp/security/SecurityConfig.java
+++ b/src/main/java/no/ntnu/idi/stud/savingsapp/security/SecurityConfig.java
@@ -65,9 +65,9 @@ public class SecurityConfig {
   @Bean
   public CorsConfigurationSource corsConfigurationSource() {
     CorsConfiguration config = new CorsConfiguration();
-    System.out.println("API_URL: " + System.getenv().getOrDefault("API_URL", "http://localhost"));
+    System.out.println("API_URL: " + System.getProperty("API_URL", "http://localhost"));
     config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
-    config.setAllowedOrigins(List.of(System.getenv().getOrDefault("API_URL", "http://localhost")));
+    config.setAllowedOrigins(List.of(System.getProperty("API_URL", "http://localhost")));
     config.setAllowedHeaders(Arrays.asList("Authorization", "Content-Type", "Cache-Control"));
     config.setAllowCredentials(true);