diff --git a/ibexa/commerce/5.0/config/packages/lexik_jwt_authentication.yaml b/ibexa/commerce/5.0/config/packages/lexik_jwt_authentication.yaml
index 42ddd3ce..e1e64743 100644
--- a/ibexa/commerce/5.0/config/packages/lexik_jwt_authentication.yaml
+++ b/ibexa/commerce/5.0/config/packages/lexik_jwt_authentication.yaml
@@ -5,7 +5,7 @@ lexik_jwt_authentication:
     # Disabled by default, because Page builder use an custom extractor
     token_extractors:
         authorization_header:
-            enabled: false
+            enabled: true
         cookie:
             enabled: false
         query_parameter:
diff --git a/ibexa/commerce/5.0/config/packages/security.yaml b/ibexa/commerce/5.0/config/packages/security.yaml
index 30504984..a13bc42b 100644
--- a/ibexa/commerce/5.0/config/packages/security.yaml
+++ b/ibexa/commerce/5.0/config/packages/security.yaml
@@ -98,10 +98,10 @@ security:
         #        entry_point: lexik_jwt_authentication.jwt_token_authenticator
         #    stateless: true
 
-        #ibexa_jwt_graphql:
-        #    request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
-        #    stateless: true
-        #    jwt: ~
+        ibexa_jwt_graphql:
+            request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
+            stateless: true
+            jwt: ~
 
         # Uncomment ibexa_oauth2_connect, ibexa_oauth2_front rules and comment ibexa_front firewall
         # to enable OAuth2 authentication
diff --git a/ibexa/experience/5.0/config/packages/lexik_jwt_authentication.yaml b/ibexa/experience/5.0/config/packages/lexik_jwt_authentication.yaml
index 42ddd3ce..e1e64743 100644
--- a/ibexa/experience/5.0/config/packages/lexik_jwt_authentication.yaml
+++ b/ibexa/experience/5.0/config/packages/lexik_jwt_authentication.yaml
@@ -5,7 +5,7 @@ lexik_jwt_authentication:
     # Disabled by default, because Page builder use an custom extractor
     token_extractors:
         authorization_header:
-            enabled: false
+            enabled: true
         cookie:
             enabled: false
         query_parameter:
diff --git a/ibexa/experience/5.0/config/packages/security.yaml b/ibexa/experience/5.0/config/packages/security.yaml
index b95bb3eb..464f4bce 100644
--- a/ibexa/experience/5.0/config/packages/security.yaml
+++ b/ibexa/experience/5.0/config/packages/security.yaml
@@ -86,10 +86,10 @@ security:
         #        entry_point: lexik_jwt_authentication.jwt_token_authenticator
         #    stateless: true
 
-        #ibexa_jwt_graphql:
-        #    request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
-        #    stateless: true
-        #    jwt: ~
+        ibexa_jwt_graphql:
+            request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
+            stateless: true
+            jwt: ~
 
         # Uncomment ibexa_oauth2_connect, ibexa_oauth2_front rules and comment ibexa_front firewall
         # to enable OAuth2 authentication
diff --git a/ibexa/headless/5.0/config/packages/lexik_jwt_authentication.yaml b/ibexa/headless/5.0/config/packages/lexik_jwt_authentication.yaml
index 42ddd3ce..e1e64743 100644
--- a/ibexa/headless/5.0/config/packages/lexik_jwt_authentication.yaml
+++ b/ibexa/headless/5.0/config/packages/lexik_jwt_authentication.yaml
@@ -5,7 +5,7 @@ lexik_jwt_authentication:
     # Disabled by default, because Page builder use an custom extractor
     token_extractors:
         authorization_header:
-            enabled: false
+            enabled: true
         cookie:
             enabled: false
         query_parameter:
diff --git a/ibexa/headless/5.0/config/packages/security.yaml b/ibexa/headless/5.0/config/packages/security.yaml
index b95bb3eb..464f4bce 100644
--- a/ibexa/headless/5.0/config/packages/security.yaml
+++ b/ibexa/headless/5.0/config/packages/security.yaml
@@ -86,10 +86,10 @@ security:
         #        entry_point: lexik_jwt_authentication.jwt_token_authenticator
         #    stateless: true
 
-        #ibexa_jwt_graphql:
-        #    request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
-        #    stateless: true
-        #    jwt: ~
+        ibexa_jwt_graphql:
+            request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
+            stateless: true
+            jwt: ~
 
         # Uncomment ibexa_oauth2_connect, ibexa_oauth2_front rules and comment ibexa_front firewall
         # to enable OAuth2 authentication
diff --git a/ibexa/oss/5.0/config/packages/lexik_jwt_authentication.yaml b/ibexa/oss/5.0/config/packages/lexik_jwt_authentication.yaml
index 42ddd3ce..e1e64743 100644
--- a/ibexa/oss/5.0/config/packages/lexik_jwt_authentication.yaml
+++ b/ibexa/oss/5.0/config/packages/lexik_jwt_authentication.yaml
@@ -5,7 +5,7 @@ lexik_jwt_authentication:
     # Disabled by default, because Page builder use an custom extractor
     token_extractors:
         authorization_header:
-            enabled: false
+            enabled: true
         cookie:
             enabled: false
         query_parameter:
diff --git a/ibexa/oss/5.0/config/packages/security.yaml b/ibexa/oss/5.0/config/packages/security.yaml
index 7fc85c67..752a6761 100644
--- a/ibexa/oss/5.0/config/packages/security.yaml
+++ b/ibexa/oss/5.0/config/packages/security.yaml
@@ -64,10 +64,10 @@ security:
         #        entry_point: lexik_jwt_authentication.jwt_token_authenticator
         #    stateless: true
 
-        #ibexa_jwt_graphql:
-        #    request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
-        #    stateless: true
-        #    jwt: ~
+        ibexa_jwt_graphql:
+            request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher
+            stateless: true
+            jwt: ~
 
         ibexa_front:
             pattern: ^/