diff --git a/src/main/java/com/example/daemawiki/global/config/SecurityConfig.java b/src/main/java/com/example/daemawiki/global/config/SecurityConfig.java
index 3ccc148e..765f8e28 100644
--- a/src/main/java/com/example/daemawiki/global/config/SecurityConfig.java
+++ b/src/main/java/com/example/daemawiki/global/config/SecurityConfig.java
@@ -1,8 +1,11 @@
 package com.example.daemawiki.global.config;
 
+import com.example.daemawiki.global.security.JwtWebFilter;
+import com.example.daemawiki.global.security.Tokenizer;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
@@ -10,6 +13,12 @@
 @EnableWebFluxSecurity
 public class SecurityConfig {
 
+    private final Tokenizer tokenizer;
+
+    public SecurityConfig(Tokenizer tokenizer) {
+        this.tokenizer = tokenizer;
+    }
+
     private static final String[] WHITE_LIST = {
             "/**"
     };
@@ -21,6 +30,7 @@ public SecurityWebFilterChain filterChain(ServerHttpSecurity http) {
                 .anyExchange().authenticated())
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
                 .formLogin(ServerHttpSecurity.FormLoginSpec::disable)
+                .addFilterBefore(new JwtWebFilter(tokenizer), SecurityWebFiltersOrder.HTTP_BASIC)
                 .build();
     }