diff --git a/tests/emergency-server/tier2-validation.spec.ts b/tests/emergency-server/tier2-validation.spec.ts
index 0bc07dee..2435d3b5 100644
--- a/tests/emergency-server/tier2-validation.spec.ts
+++ b/tests/emergency-server/tier2-validation.spec.ts
@@ -15,7 +15,7 @@ import { test, expect } from '@playwright/test';
 
 test.describe('Break Glass - Tier 2 (Emergency Server)', () => {
   const EMERGENCY_BASE_URL = 'http://localhost:2020';
-  const EMERGENCY_TOKEN = 'test-emergency-token-for-e2e-32chars';
+  const EMERGENCY_TOKEN = process.env.CHARON_EMERGENCY_TOKEN || 'test-emergency-token-for-e2e-32chars';
   const BASIC_AUTH = 'Basic ' + Buffer.from('admin:testpass').toString('base64');
 
   test('should access emergency server health endpoint without ACL blocking', async ({ request }) => {
diff --git a/tests/global-setup.ts b/tests/global-setup.ts
index 081f2248..e7f0466e 100644
--- a/tests/global-setup.ts
+++ b/tests/global-setup.ts
@@ -126,7 +126,7 @@ async function globalSetup(): Promise<void> {
 async function emergencySecurityReset(requestContext: APIRequestContext): Promise<void> {
   console.log('🔓 Performing emergency security reset...');
 
-  const emergencyToken = 'test-emergency-token-for-e2e-32chars';
+  const emergencyToken = process.env.CHARON_EMERGENCY_TOKEN || 'test-emergency-token-for-e2e-32chars';
 
   try {
     // Use the CORRECT endpoint: /api/v1/emergency/security-reset