diff --git a/auth_jwt/models/auth_jwt_validator.py b/auth_jwt/models/auth_jwt_validator.py
index 13649adad2..8d92fd3234 100644
--- a/auth_jwt/models/auth_jwt_validator.py
+++ b/auth_jwt/models/auth_jwt_validator.py
@@ -97,6 +97,7 @@ class AuthJwtValidator(models.Model):
 cookie_secure = fields.Boolean(
 default=True, help="Set to false only for development without https."
 )
+ cookie_secret = fields.Char()
 
 _sql_constraints = [
 ("name_uniq", "unique(name)", "JWT validator names must be unique !"),
@@ -292,10 +293,12 @@ def unlink(self):
 return super().unlink()
 
 def _get_jwt_cookie_secret(self):
- secret = self.env["ir.config_parameter"].sudo().get_param("database.secret")
+ secret = self.cookie_secret
 if not secret:
- _logger.error("database.secret system parameter is not set.")
- raise ConfigurationError()
+ secret = self.env["ir.config_parameter"].sudo().get_param("database.secret")
+ if not secret:
+ _logger.error("database.secret system parameter is not set.")
+ raise ConfigurationError()
 return secret
 
 @api.model
diff --git a/auth_jwt/tests/test_auth_jwt.py b/auth_jwt/tests/test_auth_jwt.py
index 20fb59b7cb..bbc26aafe2 100644
--- a/auth_jwt/tests/test_auth_jwt.py
+++ b/auth_jwt/tests/test_auth_jwt.py
@@ -15,6 +15,7 @@
 from ..exceptions import (
 AmbiguousJwtValidator,
+ ConfigurationError,
 JwtValidatorNotFound,
 UnauthorizedCompositeJwtError,
 UnauthorizedInvalidToken,
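Review bot: `cookie_secret = fields.Char()` in the @@ -97 hunk adds a secret as a plain text field with no help text, so the form gives an administrator no hint of what it is for or what happens when it is left empty, even though the @@ -292 hunk below shows it takes precedence over the database.secret system parameter. Suggest `cookie_secret = fields.Char(help="Secret for the JWT cookie. Leave empty to fall back to the database.secret system parameter.")`. If the validator model is readable by non-administrators, restricting the field with `groups="base.group_system"` keeps the value, which is as sensitive as database.secret, out of their reach and out of their views.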
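Review bot: `secret = self.cookie_secret` in the @@ -292 hunk makes `_get_jwt_cookie_secret` depend on the record it is called on, which the previous implementation did not: on a multi-record recordset the attribute read raises, and on an empty recordset it presumably yields a falsy value and silently falls through to database.secret. Add `self.ensure_one()` as the first statement so the contract is explicit and an empty recordset cannot quietly select the global secret. A docstring stating the precedence would also help, e.g. `"""Return the secret for the JWT cookie: the validator's cookie_secret, else database.secret; raise ConfigurationError when neither is set."""`.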
@@ -399,3 +400,16 @@ def test_public_or_jwt_valid_token(self):
 with self._mock_request(authorization=authorization) as request:
 self.env["ir.http"]._auth_method_public_or_jwt_validator()
 assert request.jwt_payload["aud"] == "me"
+
+ def test_jwt_cookie_secret(self):
+ validator = self._create_validator("validator")
+ database_secret = self.env["ir.config_parameter"].get_param("database.secret")
+ self.assertEqual(database_secret, validator._get_jwt_cookie_secret())
+ database_secret_param = self.env["ir.config_parameter"].search(
+ [("key", "=", "database.secret")]
+ )
+ database_secret_param.write({"value": ""})
+ with self.assertRaises(ConfigurationError):
+ validator._get_jwt_cookie_secret()
+ validator.cookie_secret = "cookie-secret"
+ self.assertEqual(validator.cookie_secret, validator._get_jwt_cookie_secret())
diff --git a/auth_jwt/views/auth_jwt_validator_views.xml b/auth_jwt/views/auth_jwt_validator_views.xml
index bc907038a9..9604ec1338 100644
--- a/auth_jwt/views/auth_jwt_validator_views.xml
+++ b/auth_jwt/views/auth_jwt_validator_views.xml
@@ -68,6 +68,10 @@
 name="cookie_max_age"
 attrs="{'invisible': [('cookie_enabled', '=', False)]}"
 />
+
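Review bot: `test_jwt_cookie_secret` only checks the per-validator secret after database.secret has been blanked, so the precedence of `cookie_secret` over a configured database.secret, which is the behaviour the @@ -292 hunk introduces, is never asserted. Set `validator.cookie_secret = "cookie-secret"` right after the first `assertEqual`, assert `self.assertEqual("cookie-secret", validator._get_jwt_cookie_secret())` while database.secret is still set, then reset `validator.cookie_secret = False` before the `assertRaises` block. Asserting against the literal rather than `validator.cookie_secret` also pins the value instead of comparing the field to itself.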