diff --git a/pkg/gordio/auth/auth.go b/pkg/gordio/auth/auth.go
index 1f10e5c..26c9b11 100644
--- a/pkg/gordio/auth/auth.go
+++ b/pkg/gordio/auth/auth.go
@@ -27,16 +27,15 @@ type Authenticator interface {
 }
 
 type authenticator struct {
-	domain string
-	jwt    *jwtauth.JWTAuth
-	cfg    *config.Auth
+	jwt *jwtauth.JWTAuth
+	cfg config.Auth
 }
 
 // NewAuthenticator creates a new Authenticator with the provided config.
-func NewAuthenticator(cfg *config.Auth) Authenticator {
+func NewAuthenticator(cfg config.Auth) Authenticator {
 	return &authenticator{
-		domain: cfg.Domain,
-		jwt:    jwtauth.New("HS256", []byte(cfg.JWTSecret), nil),
+		jwt: jwtauth.New("HS256", []byte(cfg.JWTSecret), nil),
+		cfg: cfg,
 	}
 }
 
diff --git a/pkg/gordio/auth/jwt.go b/pkg/gordio/auth/jwt.go
index cc45ba5..306cbe8 100644
--- a/pkg/gordio/auth/jwt.go
+++ b/pkg/gordio/auth/jwt.go
@@ -120,7 +120,7 @@ func (a *authenticator) routeAuth(w http.ResponseWriter, r *http.Request) {
 		Value:    tok,
 		HttpOnly: true,
 		Secure:   a.allowInsecureCookie(r),
-		Domain:   a.domain,
+		Domain:   a.cfg.Domain,
 	})
 
 	jr := struct {
diff --git a/pkg/gordio/server/server.go b/pkg/gordio/server/server.go
index 25e71d6..ed95bdf 100644
--- a/pkg/gordio/server/server.go
+++ b/pkg/gordio/server/server.go
@@ -30,7 +30,7 @@ func New(cfg *config.Config) (*Server, error) {
 	}
 
 	r := chi.NewRouter()
-	authenticator := auth.NewAuthenticator(&cfg.Auth)
+	authenticator := auth.NewAuthenticator(cfg.Auth)
 	srv := &Server{
 		auth: authenticator,
 		conf: cfg,