diff --git a/README.md b/README.md
index 1a680b563145d349f7cce71d749c90f3009a1be8..65e7c7e342dc704456d18b52eecfd207569425c2 100644
--- a/README.md
+++ b/README.md
@@ -157,6 +157,14 @@ Once the JSON-RPC daemon is running, all you need to do is point your beacon cha
 where `<ip address>` is either localhost or the IP address of the device running the JSON-RPC daemon.
 
 Erigon has been tested with Lighthouse however all other clients that support JSON-RPC should also work.
+
+### Authentication API
+
+In order to establish a secure connection beetwen the Consensus Layer and the Execution Layer, a JWT secret key is automatically generated.
+
+The JWT secret key will be present in the datadir by default under the name of `jwt.hex` and its path can be specified with the flag `--authrpc.jwtsecret`.
+
+This piece of info needs to be specified in the Consensus Layer as well in order to establish connection successfully. More information can be found [here](https://github.com/ethereum/execution-apis/blob/main/src/engine/authentication.md)
     
 ### Multiple Instances / One Machine
 
diff --git a/cmd/utils/flags.go b/cmd/utils/flags.go
index 662ea391d1af415327067d745496a30fcbbd0791..ac1b974728171f87e7c8d48ee22fdf96338326e9 100644
--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@@ -331,8 +331,8 @@ var (
 
 	JWTSecretPath = cli.StringFlag{
 		Name:  "authrpc.jwtsecret",
-		Usage: "Token to ensure safe connection between CL and EL",
-		Value: "jwt.hex",
+		Usage: "Path to the token that ensures safe connection between CL and EL",
+		Value: "",
 	}
 
 	HttpCompressionFlag = cli.BoolFlag{
diff --git a/turbo/cli/flags.go b/turbo/cli/flags.go
index 1d3b8e6ceaf318240b701129f1c9fa7af9b4a677..9c5823aaa0fdb91beb847ea223cd748bb1d9aa00 100644
--- a/turbo/cli/flags.go
+++ b/turbo/cli/flags.go
@@ -285,6 +285,10 @@ func ApplyFlagsForNodeConfig(ctx *cli.Context, cfg *node.Config) {
 }
 
 func setEmbeddedRpcDaemon(ctx *cli.Context, cfg *node.Config) {
+	jwtSecretPath := ctx.GlobalString(utils.JWTSecretPath.Name)
+	if jwtSecretPath == "" {
+		jwtSecretPath = cfg.DataDir + "/jwt.hex"
+	}
 	c := &httpcfg.HttpCfg{
 		Enabled:   ctx.GlobalBool(utils.HTTPEnabledFlag.Name),
 		DataDir:   cfg.DataDir,
@@ -298,7 +302,7 @@ func setEmbeddedRpcDaemon(ctx *cli.Context, cfg *node.Config) {
 		HttpPort:                ctx.GlobalInt(utils.HTTPPortFlag.Name),
 		EngineHTTPListenAddress: ctx.GlobalString(utils.EngineAddr.Name),
 		EnginePort:              ctx.GlobalInt(utils.EnginePort.Name),
-		JWTSecretPath:           ctx.GlobalString(utils.JWTSecretPath.Name),
+		JWTSecretPath:           jwtSecretPath,
 		HttpCORSDomain:          strings.Split(ctx.GlobalString(utils.HTTPCORSDomainFlag.Name), ","),
 		HttpVirtualHost:         strings.Split(ctx.GlobalString(utils.HTTPVirtualHostsFlag.Name), ","),
 		API:                     strings.Split(ctx.GlobalString(utils.HTTPApiFlag.Name), ","),