diff --git a/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java b/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java
index 5797f4333..322022b80 100644
--- a/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java
+++ b/backend/yki/src/main/java/fi/oph/yki/config/security/WebSecurityConfig.java
@@ -2,6 +2,8 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
@@ -31,4 +33,11 @@ public static HttpSecurity configCsrf(final HttpSecurity httpSecurity) throws Ex
       configurer.csrfTokenRepository(csrfTokenRepository).csrfTokenRequestHandler(requestHandler)
     );
   }
+
+  @Bean
+  public AuthenticationManager noopAuthenticationManager() {
+    return authentication -> {
+      throw new AuthenticationServiceException("Authentication is disabled");
+    };
+  }
 }