diff --git a/compose-branch-deploy.yaml b/compose-branch-deploy.yaml
index aba04bbb51..5f34226258 100644
--- a/compose-branch-deploy.yaml
+++ b/compose-branch-deploy.yaml
@@ -21,6 +21,7 @@ services:
       - OAUTH2_RESOURCE_SERVER_ID=scipro_api_client
       - OAUTH2_RESOURCE_SERVER_SECRET=scipro_api_secret
       - OAUTH2_RESOURCE_SERVER_INTROSPECTION_URI=https://oauth2-${VHOST}/introspect
+      - OAUTH2_GS_AUTHORIZATION_URI=https://oauth2-gs-${VHOST}/authorize
     networks:
       - traefik
       - internal
@@ -64,6 +65,24 @@ services:
       - "traefik.http.routers.oauth2-${COMPOSE_PROJECT_NAME}.rule=Host(`oauth2-${VHOST}`)"
       - "traefik.http.routers.oauth2-${COMPOSE_PROJECT_NAME}.tls.certresolver=letsencrypt"
 
+  oauth2-gs:
+      build:
+        context: https://github.com/dsv-su/toker.git
+        dockerfile: embedded.Dockerfile
+      restart: unless-stopped
+      environment:
+        - CLIENT_ID=scipro_client
+        - CLIENT_SECRET=scipro_secret
+        - CLIENT_REDIRECT_URI=https://${VHOST}/oauth/callback
+        - RESOURCE_SERVER_ID=scipro_api_client
+        - RESOURCE_SERVER_SECRET=scipro_api_secret
+      networks:
+        - traefik
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.routers.oauth2-${COMPOSE_PROJECT_NAME}.rule=Host(`oauth2-gs-${VHOST}`)"
+        - "traefik.http.routers.oauth2-${COMPOSE_PROJECT_NAME}.tls.certresolver=letsencrypt"
+
 networks:
   traefik:
     name: traefik
diff --git a/war/src/main/resources/application-branch.properties b/war/src/main/resources/application-branch.properties
index a245636fbd..7c6d34aa24 100644
--- a/war/src/main/resources/application-branch.properties
+++ b/war/src/main/resources/application-branch.properties
@@ -7,7 +7,7 @@ profile=DEV
 # No secrets available for branch deployment to branch.dsv.su.se
 # Will have to set up some mock API for this later
 service.grading.url=
-oauth.uri=${OAUTH2_AUTHORIZATION_URI:http://localhost:59734/authorize}
+oauth.uri=${OAUTH2_GS_AUTHORIZATION_URI:http://localhost:59734/authorize}
 oauth.clientId=${OAUTH2_CLIENT_ID:scipro}
 oauth.clientSecret=${OAUTH2_CLIENT_SECRET:s3cr3t}
 oauth.redirectUri={baseUrl}/oauth/callback