diff --git a/moneymgr_backend/src/controllers/server_controller.rs b/moneymgr_backend/src/controllers/server_controller.rs
index 6a5296b..0de1830 100644
--- a/moneymgr_backend/src/controllers/server_controller.rs
+++ b/moneymgr_backend/src/controllers/server_controller.rs
@@ -1,7 +1,44 @@
+use crate::app_config::AppConfig;
 use actix_web::HttpResponse;
 
+/// Serve robots.txt (disallow ranking)
 pub async fn robots_txt() -> HttpResponse {
     HttpResponse::Ok()
         .content_type("text/plain")
         .body("User-agent: *\nDisallow: /\n")
 }
+
+#[derive(serde::Serialize)]
+pub struct ServerConstraints {
+    // TODO
+}
+
+impl Default for ServerConstraints {
+    fn default() -> Self {
+        Self {
+            // TODO
+        }
+    }
+}
+
+#[derive(serde::Serialize)]
+struct ServerConfig {
+    auth_disabled: bool,
+    oidc_provider_name: &'static str,
+    constraints: ServerConstraints,
+}
+
+impl Default for ServerConfig {
+    fn default() -> Self {
+        Self {
+            auth_disabled: AppConfig::get().is_auth_disabled(),
+            oidc_provider_name: AppConfig::get().openid_provider().name,
+            constraints: Default::default(),
+        }
+    }
+}
+
+/// Get server static configuration
+pub async fn config() -> HttpResponse {
+    HttpResponse::Ok().json(ServerConfig::default())
+}
diff --git a/moneymgr_backend/src/main.rs b/moneymgr_backend/src/main.rs
index dec765c..3678bbe 100644
--- a/moneymgr_backend/src/main.rs
+++ b/moneymgr_backend/src/main.rs
@@ -49,7 +49,7 @@ async fn main() -> std::io::Result<()> {
 
     HttpServer::new(move || {
         let session_mw = SessionMiddleware::builder(redis_store.clone(), cookie_secret_key.clone())
-            .cookie_name("matrixgw-session".to_string())
+            .cookie_name("moneymgr-session".to_string())
             .session_lifecycle(SessionLifecycle::BrowserSession(Default::default()))
             .build();
 
@@ -72,6 +72,10 @@ async fn main() -> std::io::Result<()> {
             .app_data(TempFileConfig::default().directory(&AppConfig::get().temp_dir))
             // Server controller
             .route("/robots.txt", web::get().to(server_controller::robots_txt))
+            .route(
+                "/api/server/config",
+                web::get().to(server_controller::config),
+            )
             // Auth controller
             .route(
                 "/api/auth/start_oidc",