diff --git a/app/controllers/assignments.php b/app/controllers/assignments.php
index 78c5817026b7ffd2666a9b7290070fa0fe9f6e96..e1e0b266c5315b6c985bfc64ed98cdc9110ec37c 100644
--- a/app/controllers/assignments.php
+++ b/app/controllers/assignments.php
@@ -10,6 +10,7 @@ class Assignments extends Controller{
         $data['style'] = "/public/css/dashboard.css";
         $data['style'] = "/public/css/userlist.css";
         $data['user_id'] = $_SESSION['user_id'];
+        $data['apiKey'] = getenv('REST_KEY');
         if (isset($_SESSION['username'])) {
             $this->view('header/index', $data);
             $this->view('navbar/index', $data);
diff --git a/app/views/assignments/index.php b/app/views/assignments/index.php
index 34219a4af16c62461993fd0831433563e649e910..42caf2c8c38b9f99da2b0785df8d1d8712c714e9 100644
--- a/app/views/assignments/index.php
+++ b/app/views/assignments/index.php
@@ -11,6 +11,7 @@
 <script>
     const sid = <?php echo json_encode($_GET['sid']); ?>;
     const uid = <?php echo json_encode($data['user_id']); ?>;
+    const key = <?php echo json_encode($data['apiKey']); ?>;
 </script>
 
 <script src="/public/js/assignments.js"></script>
\ No newline at end of file
diff --git a/config/.env.example b/config/.env.example
index b62c47041ba8a4b6cb465786a487a6f395789011..fe575e3c1f908bad10eb25223e4e34c597e07438 100644
--- a/config/.env.example
+++ b/config/.env.example
@@ -3,4 +3,5 @@ DB_USER=scholee
 DB_PASSWORD=password
 DB_NAME=scholee
 SOAP_KEY=kunciT
-WSDL=http://soap-service:8080/ws/
\ No newline at end of file
+WSDL=http://soap-service:8080/ws/
+REST_KEY=phpKey
\ No newline at end of file
diff --git a/public/js/assignments.js b/public/js/assignments.js
index c52cec21a2790189bfea1c10e8ca0f7f8f775c5d..8a97b4a6e72bc3cadd760cb87ed7cc30e4504dc3 100644
--- a/public/js/assignments.js
+++ b/public/js/assignments.js
@@ -4,12 +4,11 @@ function renderAssignments(){
      */
 
     const element = document.getElementById("content");
-
+    
     const xhr = new XMLHttpRequest();
     xhr.open("GET", `http://localhost:5001/api/assignment/${sid}`)
     xhr.setRequestHeader("user_id", uid);
-    console.log(uid)
-    console.log("ASSIGNMENT JS")
+    xhr.setRequestHeader("x-api-key", key)
     xhr.onload = () => {
         const res = JSON.parse(xhr.response);