diff --git a/.freeleaps/devops/helm-pkg/values.alpha.yaml b/.freeleaps/devops/helm-pkg/values.alpha.yaml
index fd571bb..067bb57 100644
--- a/.freeleaps/devops/helm-pkg/values.alpha.yaml
+++ b/.freeleaps/devops/helm-pkg/values.alpha.yaml
@@ -15,7 +15,7 @@ authentication:
     registry: docker.io
     repository: null
     name: 6901bcf4ed3725f39f11343d-authentication
-    tag: snapshot-2346a42
+    tag: snapshot-ddcf8d8
     imagePullPolicy: IfNotPresent
   ports:
   - name: http
@@ -81,7 +81,7 @@ authentication:
     appEnv: alpha
     devsvcWebapiUrlBase: http://devsvc-service.freeleaps-alpha.svc.freeleaps.cluster:8007/api/devsvc/
     notificationWebapiUrlBase: http://notification-service.freeleaps-alpha.svc.freeleaps.cluster:8003/api/notification/
-    authServiceEndpoint: http://freeleaps-auth-service.68c0da88a0a7837e84b580eb-alpha.svc.freeleaps.cluster:9000/api/v1/
+    authServiceEndpoint: http://freeleaps-auth-service.freeleaps-alpha.svc.freeleaps.cluster:9000/api/v1/
     jwtAlgorithm: HS256
     serviceApiAccessHost: 0.0.0.0
     serviceApiAccessPort: 8004
diff --git a/.freeleaps/devops/helm-pkg/values.prod.yaml b/.freeleaps/devops/helm-pkg/values.prod.yaml
index ce2fe08..a3852c7 100644
--- a/.freeleaps/devops/helm-pkg/values.prod.yaml
+++ b/.freeleaps/devops/helm-pkg/values.prod.yaml
@@ -18,7 +18,7 @@ authentication:
     registry: docker.io
     repository: null
     name: 6901bcf4ed3725f39f11343d-authentication
-    tag: snapshot-73d6a46
+    tag: snapshot-8584f90
     imagePullPolicy: IfNotPresent
   ports:
   - name: http
@@ -65,14 +65,31 @@ authentication:
       namespace: freeleaps-monitoring-system
       interval: 30s
       scrapeTimeout: ''
-  ingresses: {}
+  ingresses:
+  - name: authentication-ingress
+    host: authentication.freeleaps.com
+    class: nginx
+    rules:
+    - path: /
+      pathType: Prefix
+      backend:
+        service:
+          name: authentication-service
+          port:
+            number: 8004
+    tls:
+      exists: false
+      issuerRef:
+        name: freeleaps-dot-com
+        kind: ClusterIssuer
+      name: authentication.freeleaps.com-cert
   configs:
     tz: UTC
     appName: authentication
     appEnv: prod
     devsvcWebapiUrlBase: http://devsvc-service.freeleaps-prod.svc.freeleaps.cluster:8007/api/devsvc/
     notificationWebapiUrlBase: http://notification-service.freeleaps-prod.svc.freeleaps.cluster:8003/api/notification/
-    authServiceEndpoint: http://freeleaps-auth-service.68c0da88a0a7837e84b580eb-prod.svc.freeleaps.cluster:9000/api/v1/
+    authServiceEndpoint: http://freeleaps-auth-service.freeleaps-prod.svc.freeleaps.cluster:9000/api/v1/
     jwtAlgorithm: HS256
     serviceApiAccessHost: 0.0.0.0
     serviceApiAccessPort: 8004
diff --git a/backend/infra/permission/role_handler.py b/backend/infra/permission/role_handler.py
index 08d5d83..2fe4be0 100644
--- a/backend/infra/permission/role_handler.py
+++ b/backend/infra/permission/role_handler.py
@@ -118,7 +118,7 @@ class RoleHandler:
                     raise RequestValidationError("Role with the provided ID already exists.")
                 new_doc.id = custom_role_id
 
-            await new_doc.insert()
+            await new_doc.create()
             return new_doc
 
     async def query_roles(self, role_key: Optional[str], role_name: Optional[str], skip: int = 0, limit: int = 10) -> \
diff --git a/backend/infra/permission/user_role_handler.py b/backend/infra/permission/user_role_handler.py
index 2b02fe8..96bd9fa 100644
--- a/backend/infra/permission/user_role_handler.py
+++ b/backend/infra/permission/user_role_handler.py
@@ -36,7 +36,7 @@ class UserRoleHandler:
                 user_id=user_id,
                 role_ids=unique_role_ids
             )
-            await user_role_doc.insert()
+            await user_role_doc.create()
             return user_role_doc
 
     async def get_role_and_permission_by_user_id(self, user_id: str) -> tuple[list[str], list[str]]:
diff --git a/backend/models/base_doc.py b/backend/models/base_doc.py
index bd6722d..af4aa81 100644
--- a/backend/models/base_doc.py
+++ b/backend/models/base_doc.py
@@ -3,6 +3,7 @@ BaseDoc - A custom document class that provides Beanie-like interface using dire
 """
 import asyncio
 from datetime import datetime, timezone
+from bson import ObjectId
 from typing import Optional, List, Dict, Any, Type, Union
 from motor.motor_asyncio import AsyncIOMotorClient, AsyncIOMotorDatabase
 from pydantic import BaseModel
@@ -282,6 +283,13 @@ class BaseDoc(BaseModel, metaclass=QueryModelMeta):
         # Convert Decimal objects to float for MongoDB compatibility
         doc_dict = self._convert_decimals_to_float(doc_dict)
 
+        # Respect pre-populated id by mapping to MongoDB _id
+        if getattr(self, 'id', None):
+            try:
+                doc_dict['_id'] = ObjectId(self.id)
+            except Exception:
+                doc_dict['_id'] = self.id
+
         result = await collection.insert_one(doc_dict)
 
         # Set the id field from the inserted document
@@ -314,7 +322,17 @@ class BaseDoc(BaseModel, metaclass=QueryModelMeta):
         elif hasattr(self, 'auth_code'):
             query['auth_code'] = self.auth_code
 
-        if query:
+        if getattr(self, 'id', None):
+            # Update by primary key when available
+            try:
+                object_id = ObjectId(self.id)
+            except Exception:
+                object_id = self.id
+
+            result = await collection.update_one({"_id": object_id}, {"$set": doc_dict}, upsert=True)
+            if result.upserted_id:
+                self.id = str(result.upserted_id)
+        elif query:
             # Update existing document
             result = await collection.update_one(query, {"$set": doc_dict}, upsert=True)
             # If it was an insert, set the id field