diff --git a/src/akun/akun.controller.ts b/src/akun/akun.controller.ts
index 50229df04928a3ffcc35ca7ca4fbaace7967c7a0..3f283ca3406c69a70be7c9b970ec6191f1db87b1 100644
--- a/src/akun/akun.controller.ts
+++ b/src/akun/akun.controller.ts
@@ -83,8 +83,11 @@ export class AkunController {
     return this.akunService.findById(param.id);
   }
 
-  // TODO: protect/secure this endpoint
+  @ApiCookieAuth()
+  @ApiBearerAuth()
   @ApiOkResponse({ type: IdDto })
+  @UseGuards(JwtAuthGuard, RolesGuard)
+  @Roles(RoleEnum.ADMIN, RoleEnum.S1_TIM_TA, RoleEnum.S2_TIM_TESIS)
   @Put("/")
   createOrUpdateAccount(@Body() createAkunDto: CreateAkunDto) {
     return this.akunService.createOrUpdateAccount(createAkunDto);
diff --git a/src/app.module.ts b/src/app.module.ts
index 486c39a3e973c75d1a5b33fb16a7fd9435e88c9b..ab7f4f0663d82c5b0405b7417faafc50e5308b05 100644
--- a/src/app.module.ts
+++ b/src/app.module.ts
@@ -21,7 +21,7 @@ const defaultOptions: TypeOrmModuleOptions = {
   imports: [
     ConfigModule.forRoot({
       validate,
-      /* WARNING: allowUnknown is set to true, but please only use 
+      /* WARNING: allowUnknown is set to true, but please only use
       environment variables defined in env.validation.ts */
       validationOptions: { abortEarly: true, allowUnknown: true },
     }),
@@ -32,7 +32,7 @@ const defaultOptions: TypeOrmModuleOptions = {
       username: process.env.S1_POSTGRES_USER,
       password: process.env.S1_POSTGRES_PASSWORD,
       database: process.env.S1_POSTGRES_DATABASE,
-      synchronize: true,
+      // synchronize: true,
       name: "S1Connection",
     }),
     TypeOrmModule.forRoot({
@@ -42,7 +42,7 @@ const defaultOptions: TypeOrmModuleOptions = {
       username: process.env.S2_POSTGRES_USER,
       password: process.env.S2_POSTGRES_PASSWORD,
       database: process.env.S2_POSTGRES_DATABASE,
-      synchronize: true,
+      // synchronize: true,
       name: "S2Connection",
     }),
     AkunModule,