diff --git a/src/main/java/com/onixbyte/helix/constant/SecurityConstant.java b/src/main/java/com/onixbyte/helix/constant/SecurityConstant.java
new file mode 100644
index 0000000..08c3bb5
--- /dev/null
+++ b/src/main/java/com/onixbyte/helix/constant/SecurityConstant.java
@@ -0,0 +1,10 @@
+package com.onixbyte.helix.constant;
+
+public class SecurityConstant {
+
+ public static final String TOKEN_HEADER_NAME = "Authorization";
+
+ public static final String TOKEN_PREFIX = "Bearer ";
+
+ public static final int TOKEN_PREFIX_LENGTH = TOKEN_PREFIX.length();
+}
diff --git a/src/main/java/com/onixbyte/helix/filter/TokenAuthenticationFilter.java b/src/main/java/com/onixbyte/helix/filter/TokenAuthenticationFilter.java
index 99d123b..63990d1 100644
--- a/src/main/java/com/onixbyte/helix/filter/TokenAuthenticationFilter.java
+++ b/src/main/java/com/onixbyte/helix/filter/TokenAuthenticationFilter.java
@@ -1,9 +1,8 @@
 package com.onixbyte.helix.filter;
 
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.onixbyte.helix.client.TokenClient;
+import com.onixbyte.helix.constant.SecurityConstant;
 import com.onixbyte.helix.manager.AuthorityManager;
 import com.onixbyte.helix.manager.UserManager;
 import com.onixbyte.helix.security.authentication.UsernamePasswordAuthentication;
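Review bot: `SecurityConstant` in SecurityConstant.java only holds constants but is declared as an ordinary public class, so it can be instantiated and subclassed. Declaring it `public final class SecurityConstant` with a `private SecurityConstant() {}` constructor states the intent. A one-line Javadoc on `TOKEN_PREFIX` saying that the trailing space is part of the value would also help, because `TOKEN_PREFIX_LENGTH` and the filter's `substring` call both depend on it.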
@@ -47,18 +46,18 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 @NonNull HttpServletResponse response,
 @NonNull FilterChain filterChain
 ) throws ServletException, IOException {
- var token = request.getHeader("Authorization");
+ var token = request.getHeader(SecurityConstant.TOKEN_HEADER_NAME);
 if (Objects.isNull(token) || token.isBlank()) {
 filterChain.doFilter(request, response);
 return;
 }
 
- if (!token.startsWith("Bearer ")) {
+ if (!token.startsWith(SecurityConstant.TOKEN_PREFIX)) {
 filterChain.doFilter(request, response);
 return;
 }
 
- token = token.substring(7);
+ token = token.substring(SecurityConstant.TOKEN_PREFIX_LENGTH);
 try {
 var decodedToken = tokenClient.verifyToken(token);
 var username = decodedToken.getSubject();
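Review bot: The scheme check `token.startsWith(SecurityConstant.TOKEN_PREFIX)` is still case-sensitive, although HTTP authentication scheme names are case-insensitive (RFC 7235). A header such as `bearer <token>` is therefore passed down the chain without verification being attempted; this looks fail-closed, but conforming clients are treated as anonymous with no trace of why. Consider `if (!token.regionMatches(true, 0, SecurityConstant.TOKEN_PREFIX, 0, SecurityConstant.TOKEN_PREFIX_LENGTH)) {`. A header holding only the prefix also leaves an empty string for `tokenClient.verifyToken(token)`, so an explicit blank check after the `substring` call would avoid depending on the catch block, which is outside this hunk along with the start and end of the method.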