diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/OnboardingFunctionConfig.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/OnboardingFunctionConfig.java
index 34f32f2d8..fc3811af0 100644
--- a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/OnboardingFunctionConfig.java
+++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/OnboardingFunctionConfig.java
@@ -63,9 +63,9 @@ public Pkcs7HashSignService arubaPkcs7HashSignService(){
         return new ArubaPkcs7HashSignServiceImpl(new ArubaSignServiceImpl());
     }
 
-    public Pkcs7HashSignService namirialPkcs7HashSignService(String username, String password){
+    public Pkcs7HashSignService namirialPkcs7HashSignService(){
         log.info("Signature will be performed using NamirialPkcs7HashSignServiceImpl");
-        return new NamirialPkcs7HashSignServiceImpl(new NamiralSignServiceImpl(username,password));
+        return new NamirialPkcs7HashSignServiceImpl(new NamiralSignServiceImpl());
     }
 
 
@@ -89,12 +89,10 @@ public Pkcs7HashSignService pkcs7HashSignService(){
         return new Pkcs7HashSignServiceImpl();
     }
     @ApplicationScoped
-    public PadesSignService padesSignService(@ConfigProperty(name = "onboarding-functions.pagopa-signature.source") String source,
-                                             @ConfigProperty(name = "onboarding-functions.pagopa-signature.namirial-user") String username,
-                                             @ConfigProperty(name = "onboarding-functions.pagopa-signature.namirial-psw") String psw){
+    public PadesSignService padesSignService(@ConfigProperty(name = "onboarding-functions.pagopa-signature.source") String source){
         return switch (source) {
             case SIGNATURE_SOURCE_ARUBA -> new PadesSignServiceImpl(arubaPkcs7HashSignService());
-            case SIGNATURE_SOURCE_NAMIRIAL -> new PadesSignServiceImpl(namirialPkcs7HashSignService(username, psw));
+            case SIGNATURE_SOURCE_NAMIRIAL -> new PadesSignServiceImpl(namirialPkcs7HashSignService());
             case SIGNATURE_SOURCE_DISABLED -> new PadesSignServiceImpl(disabledPkcs7HashSignService());
             default -> new PadesSignServiceImpl(pkcs7HashSignService());
         };
diff --git a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/PagoPaSignatureConfig.java b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/PagoPaSignatureConfig.java
index 040350657..090f0edca 100644
--- a/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/PagoPaSignatureConfig.java
+++ b/apps/onboarding-functions/src/main/java/it/pagopa/selfcare/onboarding/config/PagoPaSignatureConfig.java
@@ -14,7 +14,4 @@ public interface PagoPaSignatureConfig {
 
     String applyOnboardingTemplateReason();
 
-    String namirialUser();
-
-    String namirialPsw();
 }
diff --git a/apps/onboarding-functions/src/main/resources/application.properties b/apps/onboarding-functions/src/main/resources/application.properties
index 685bd89eb..c25f9dd5f 100644
--- a/apps/onboarding-functions/src/main/resources/application.properties
+++ b/apps/onboarding-functions/src/main/resources/application.properties
@@ -178,8 +178,6 @@ onboarding-functions.pagopa-signature.source=${PAGOPA_SIGNATURE_SOURCE:disabled}
 onboarding-functions.pagopa-signature.signer=${PAGOPA_SIGNATURE_SIGNER:PagoPA S.p.A.}
 onboarding-functions.pagopa-signature.location=${PAGOPA_SIGNATURE_LOCATION:Roma}
 onboarding-functions.pagopa-signature.apply-onboarding-template-reason=${PAGOPA_SIGNATURE_ONBOARDING_REASON_TEMPLATE:Firma contratto adesione prodotto}
-onboarding-functions.pagopa-signature.namirial-user=${NAMIRIAL_SIGN_SERVICE_IDENTITY_USER:test}
-onboarding-functions.pagopa-signature.namirial-psw=${NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD:test}
 
 ## Jacoco
 quarkus.jacoco.includes=it/pagopa/selfcare/onboarding/*,it/pagopa/selfcare/onboarding/service/**,it/pagopa/selfcare/onboarding/repository/**
diff --git a/infra/functions/onboarding-functions/env/dev/terraform.tfvars b/infra/functions/onboarding-functions/env/dev/terraform.tfvars
index ebbdde5c9..715dc15b2 100644
--- a/infra/functions/onboarding-functions/env/dev/terraform.tfvars
+++ b/infra/functions/onboarding-functions/env/dev/terraform.tfvars
@@ -107,6 +107,7 @@ app_settings = {
 
   ##NAMIRIAL SIGNATURE
   "PAGOPA_SIGNATURE_SOURCE"                 = "disabled",
+  "NAMIRIAL_BASE_URL"                       = "https://selc-d-namirial-sign-ca.whitemoss-eb7ef327.westeurope.azurecontainerapps.io",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER"     = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/namirial-sign-service-user/)",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-d-kv.vault.azure.net/secrets/namirial-sign-service-psw/)"
 }
\ No newline at end of file
diff --git a/infra/functions/onboarding-functions/env/prod/terraform.tfvars b/infra/functions/onboarding-functions/env/prod/terraform.tfvars
index 2821a35dc..bfc4abf1d 100644
--- a/infra/functions/onboarding-functions/env/prod/terraform.tfvars
+++ b/infra/functions/onboarding-functions/env/prod/terraform.tfvars
@@ -119,6 +119,7 @@ app_settings = {
   "JWT_TOKEN_KID"                                  = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/jwt-kid/)"
 
   ##NAMIRIAL SIGNATURE
+  "NAMIRIAL_BASE_URL"                       = "https://selc-p-namirial-sign-ca.lemonpond-bb0b750e.westeurope.azurecontainerapps.io",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER"     = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/namirial-sign-service-user/)",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-p-kv.vault.azure.net/secrets/namirial-sign-service-psw/)"
 }
\ No newline at end of file
diff --git a/infra/functions/onboarding-functions/env/uat/terraform.tfvars b/infra/functions/onboarding-functions/env/uat/terraform.tfvars
index 33c9f4aa3..bbcaa4c1f 100644
--- a/infra/functions/onboarding-functions/env/uat/terraform.tfvars
+++ b/infra/functions/onboarding-functions/env/uat/terraform.tfvars
@@ -118,6 +118,7 @@ app_settings = {
   "JWT_TOKEN_KID"                                      = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/jwt-kid/)"
 
   ##NAMIRIAL SIGNATURE
+  "NAMIRIAL_BASE_URL"                       = "https://selc-u-namirial-sign-ca.mangopond-2a5d4d65.westeurope.azurecontainerapps.io",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_USER"     = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/namirial-sign-service-user/)",
   "NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD" = "@Microsoft.KeyVault(SecretUri=https://selc-u-kv.vault.azure.net/secrets/namirial-sign-service-psw/)"
 }
\ No newline at end of file
diff --git a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/NamiralSignServiceImpl.java b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/NamiralSignServiceImpl.java
index 8dd1c014c..a95c1f54e 100644
--- a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/NamiralSignServiceImpl.java
+++ b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/NamiralSignServiceImpl.java
@@ -16,16 +16,12 @@
 public class NamiralSignServiceImpl implements NamirialSignService {
 
     private final NamirialHttpClient namirialHttpClient;
-    private final String username;
-    private final String password;
+    private static final String USERNAME = System.getenv("NAMIRIAL_SIGN_SERVICE_IDENTITY_USER");
+    private static final String PASSWORD = System.getenv("NAMIRIAL_SIGN_SERVICE_IDENTITY_PASSWORD");
 
     // Constructor for manual dependency injection
-    public NamiralSignServiceImpl(String username,
-                                  String password
-    ) {
+    public NamiralSignServiceImpl() {
         this.namirialHttpClient = new NamirialHttpClient();
-        this.username = username;
-        this.password = password;
     }
 
     @Override
@@ -38,7 +34,7 @@ public byte[] pkcs7Signhash(InputStream is) {
             // Copy InputStream data to the temporary file
             Files.copy(is, tempFilePath, StandardCopyOption.REPLACE_EXISTING);
 
-            Credentials credentials = new Credentials(username, password);
+            Credentials credentials = new Credentials(USERNAME, PASSWORD);
             Preferences preferences = new Preferences("SHA256");
             SignRequest request = new SignRequest(tempFile, credentials, preferences);
 
diff --git a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java
index ef9f062bb..769c45932 100644
--- a/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java
+++ b/libs/onboarding-sdk-crypto/src/main/java/it/pagopa/selfcare/onboarding/crypto/client/NamirialHttpClient.java
@@ -11,9 +11,9 @@
 
 public class NamirialHttpClient {
 
-    private static final String NAMIRIAL_BASE_URL = "https://sws.test.namirialtsp.com/SignEngineWeb";
+    private static final String NAMIRIAL_BASE_URL = System.getenv("NAMIRIAL_BASE_URL");
 
-    private static final String NAMIRIAL_SIGN_PADES_URL = NAMIRIAL_BASE_URL + "/rest/service/signPAdES";
+    private static final String NAMIRIAL_SIGN_PADES_URL = NAMIRIAL_BASE_URL + "/SignEngineWeb/rest/service/signPAdES";
 
     public byte[] signDocument(SignRequest request) throws IOException {
         // Initialize HTTP Transport and Request Factory