diff --git a/src/main/java/com/kamco/cd/kamcoback/config/OpenApiConfig.java b/src/main/java/com/kamco/cd/kamcoback/config/OpenApiConfig.java
index 3f8623ef..8e5051ac 100644
--- a/src/main/java/com/kamco/cd/kamcoback/config/OpenApiConfig.java
+++ b/src/main/java/com/kamco/cd/kamcoback/config/OpenApiConfig.java
@@ -6,16 +6,30 @@ import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.security.SecurityRequirement;
 import io.swagger.v3.oas.models.security.SecurityScheme;
 import io.swagger.v3.oas.models.servers.Server;
+import java.util.ArrayList;
 import java.util.List;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
 @Configuration
 public class OpenApiConfig {
 
+  @Value("${server.port}")
+  private String serverPort;
+
+  @Value("${spring.profiles.active:local}")
+  private String profile;
+
+  @Value("${swagger.dev-url:https://kamco.dev-api.gs.dabeeo.com}")
+  private String devUrl;
+
+  @Value("${swagger.prod-url:https://api.kamco.com}")
+  private String prodUrl;
+
   @Bean
   public OpenAPI kamcoOpenAPI() {
-    // 🔹 1) SecurityScheme 정의 (Bearer JWT)
+    // 1) SecurityScheme 정의 (Bearer JWT)
     SecurityScheme bearerAuth =
         new SecurityScheme()
             .type(SecurityScheme.Type.HTTP)
@@ -24,12 +38,21 @@ public class OpenApiConfig {
             .in(SecurityScheme.In.HEADER)
             .name("Authorization");
 
-    // 🔹 2) SecurityRequirement (기본으로 BearerAuth 사용)
+    // 2) SecurityRequirement (기본으로 BearerAuth 사용)
     SecurityRequirement securityRequirement = new SecurityRequirement().addList("BearerAuth");
 
-    // 🔹 3) Components 에 SecurityScheme 등록
+    // 3) Components 에 SecurityScheme 등록
     Components components = new Components().addSecuritySchemes("BearerAuth", bearerAuth);
 
+    // profile 별 server url 분기
+    List<Server> servers = new ArrayList<>();
+    switch (profile) {
+      case "prod" -> servers.add(new Server().url(prodUrl).description("운영 서버"));
+      case "dev" -> servers.add(new Server().url(devUrl).description("개발 서버"));
+      default ->
+          servers.add(new Server().url("http://localhost:" + serverPort).description("로컬 개발 서버"));
+    }
+
     return new OpenAPI()
         .info(
             new Info()
@@ -38,19 +61,10 @@ public class OpenApiConfig {
                     "KAMCO 변화 탐지 시스템 API 문서\n\n"
                         + "이 API는 지리공간 데이터를 활용한 변화 탐지 시스템을 제공합니다.\n"
                         + "GeoJSON 형식의 공간 데이터를 처리하며, PostgreSQL/PostGIS 기반으로 동작합니다.")
-                .version("v1.0.0")
-            //          .contact(new Contact().name("KAMCO Development
-            // Team").email("dev@kamco.com").url("https://kamco.com"))
-            //          .license(new License().name("Proprietary").url("https://kamco.com/license"))
-            )
-        .servers(
-            List.of(
-                new Server().url("http://localhost:8080").description("로컬 개발 서버"),
-                new Server().url("https://kamco.dev-api.gs.dabeeo.com").description("개발 서버")
-                //          , new Server().url("https://api.kamco.com").description("운영 서버")
-                ))
-        .components(new Components())
-        // 🔥 여기 한 줄이 "모든 API 기본적으로 BearerAuth 요구" 의미
+                .version("v1.0.0"))
+        .servers(servers)
+        // 만들어둔 components를 넣어야 함
+        .components(components)
         .addSecurityItem(securityRequirement);
   }
 }
diff --git a/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java b/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java
index f21a02c8..cd123a40 100644
--- a/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java
+++ b/src/main/java/com/kamco/cd/kamcoback/members/AuthController.java
@@ -114,12 +114,6 @@ public class AuthController {
         authenticationManager.authenticate(
             new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword()));
 
-    // PENDING 비활성 상태(새로운 패스워드 입력 해야함)
-    if (StatusType.PENDING.getId().equals(status)) {
-      member.setEmployeeNo(request.getUsername());
-      return ApiResponseDto.ok(new TokenResponse(status, null, null, member));
-    }
-
     String username = authentication.getName(); // UserDetailsService 에서 사용한 username
 
     String accessToken = jwtTokenProvider.createAccessToken(username);
@@ -146,6 +140,12 @@ public class AuthController {
     member.setName(user.getMember().getName());
     member.setEmployeeNo(user.getMember().getEmployeeNo());
 
+    // PENDING 비활성 상태(새로운 패스워드 입력 해야함)
+    if (StatusType.PENDING.getId().equals(status)) {
+      member.setEmployeeNo(request.getUsername());
+      return ApiResponseDto.ok(new TokenResponse(status, accessToken, refreshToken, member));
+    }
+
     // 인증 성공 로그인 시간 저장
     authService.saveLogin(UUID.fromString(username));