diff --git a/backoffice/prisma/schema.prisma b/backoffice/prisma/schema.prisma
index a809a94..d78bd4c 100644
--- a/backoffice/prisma/schema.prisma
+++ b/backoffice/prisma/schema.prisma
@@ -71,3 +71,11 @@ model Order {
   product   Product  @relation(fields: [productId], references: [id])
   createdAt DateTime @default(now())
 }
+
+model SystemSettings {
+  key       String   @id
+  value     String
+  category  String   @default("GENERAL") // e.g. PAYMENT, SHIPPING
+  isSecure  Boolean  @default(false)     // If true, should not be returned in plain text unless requested specifically
+  updatedAt DateTime @updatedAt
+}
diff --git a/backoffice/src/app.module.ts b/backoffice/src/app.module.ts
index d16a23e..77e2efa 100644
--- a/backoffice/src/app.module.ts
+++ b/backoffice/src/app.module.ts
@@ -5,6 +5,7 @@ import { InventoryModule } from './inventory/inventory.module';
 import { PrismaModule } from './prisma/prisma.module';
 import { UsersModule } from './users/users.module';
 import { WebhooksModule } from './webhooks/webhooks.module';
+import { SettingsModule } from './settings/settings.module';
 
 import { AppController } from './app.controller';
 
@@ -16,6 +17,7 @@ import { AppController } from './app.controller';
     UsersModule,
     InventoryModule,
     WebhooksModule,
+    SettingsModule,
   ],
   controllers: [AppController],
 })
diff --git a/backoffice/src/auth/auth.controller.ts b/backoffice/src/auth/auth.controller.ts
index d001f34..568bb1c 100644
--- a/backoffice/src/auth/auth.controller.ts
+++ b/backoffice/src/auth/auth.controller.ts
@@ -1,7 +1,6 @@
 import { Body, Controller, Get, HttpCode, HttpStatus, Post, Req, Res, UseGuards } from '@nestjs/common';
 import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
 import { FastifyReply } from 'fastify';
-import { CreateUserDto } from '../users/dto/create-user.dto';
 import { JwtAuthGuard } from './guards/jwt-auth.guard';
 import { RefreshTokenGuard } from './guards/refresh-token.guard';
 import { AuthService } from './auth.service';
@@ -10,12 +9,7 @@ import { LoginDto } from './dto/login.dto';
 @ApiTags('auth')
 @Controller('auth')
 export class AuthController {
-  constructor(private readonly authService: AuthService) {}
-
-  @Post('register')
-  async register(@Body() dto: CreateUserDto, @Res({ passthrough: true }) reply: FastifyReply) {
-    return this.authService.register(dto, reply);
-  }
+  constructor(private readonly authService: AuthService) { }
 
   @Post('login')
   @HttpCode(HttpStatus.OK)
@@ -38,11 +32,4 @@ export class AuthController {
   async logout(@Req() req: any, @Res({ passthrough: true }) reply: FastifyReply) {
     return this.authService.logout(req.user.sub, reply);
   }
-
-  @Get('profile')
-  @UseGuards(JwtAuthGuard)
-  @ApiBearerAuth()
-  async profile(@Req() req: any) {
-    return req.user;
-  }
 }
diff --git a/backoffice/src/settings/settings.controller.ts b/backoffice/src/settings/settings.controller.ts
new file mode 100644
index 0000000..722fe73
--- /dev/null
+++ b/backoffice/src/settings/settings.controller.ts
@@ -0,0 +1,25 @@
+import { Body, Controller, Get, Post, UseGuards } from '@nestjs/common';
+import { ApiBearerAuth, ApiTags, ApiOperation } from '@nestjs/swagger';
+import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
+import { SettingsService } from './settings.service';
+
+@ApiTags('settings')
+@Controller('settings')
+@UseGuards(JwtAuthGuard)
+@ApiBearerAuth()
+export class SettingsController {
+    constructor(private readonly settingsService: SettingsService) { }
+
+    @Get('payment-gateways')
+    @ApiOperation({ summary: 'Get payment gateway credentials (Asaas, Stripe)' })
+    async getPaymentSettings() {
+        return this.settingsService.getPaymentSettings();
+    }
+
+    @Post('payment-gateways')
+    @ApiOperation({ summary: 'Update payment gateway credentials' })
+    async updatePaymentSettings(@Body() settings: Record<string, string>) {
+        await this.settingsService.updatePaymentSettings(settings);
+        return { success: true };
+    }
+}
diff --git a/backoffice/src/settings/settings.module.ts b/backoffice/src/settings/settings.module.ts
new file mode 100644
index 0000000..d1db700
--- /dev/null
+++ b/backoffice/src/settings/settings.module.ts
@@ -0,0 +1,12 @@
+import { Module } from '@nestjs/common';
+import { SettingsService } from './settings.service';
+import { SettingsController } from './settings.controller';
+import { PrismaModule } from '../prisma/prisma.module';
+
+@Module({
+    imports: [PrismaModule],
+    controllers: [SettingsController],
+    providers: [SettingsService],
+    exports: [SettingsService],
+})
+export class SettingsModule { }
diff --git a/backoffice/src/settings/settings.service.ts b/backoffice/src/settings/settings.service.ts
new file mode 100644
index 0000000..de274f0
--- /dev/null
+++ b/backoffice/src/settings/settings.service.ts
@@ -0,0 +1,40 @@
+import { Injectable } from '@nestjs/common';
+import { PrismaService } from '../prisma/prisma.service';
+
+@Injectable()
+export class SettingsService {
+    constructor(private readonly prisma: PrismaService) { }
+
+    async getPaymentSettings() {
+        const settings = await this.prisma.systemSettings.findMany({
+            where: { category: 'PAYMENT' },
+        });
+
+        // Transform list into object
+        return settings.reduce((acc: Record<string, string>, curr) => {
+            acc[curr.key] = curr.value;
+            return acc;
+        }, {} as Record<string, string>);
+    }
+
+    async setPaymentSetting(key: string, value: string, isSecure = true) {
+        return this.prisma.systemSettings.upsert({
+            where: { key },
+            update: { value, isSecure },
+            create: {
+                key,
+                value,
+                category: 'PAYMENT',
+                isSecure,
+            },
+        });
+    }
+
+    // Helper to bulk update
+    async updatePaymentSettings(settings: Record<string, string>) {
+        const promises = Object.entries(settings).map(([key, value]) =>
+            this.setPaymentSetting(key, value, key.includes('SECRET') || key.includes('KEY')),
+        );
+        return Promise.all(promises);
+    }
+}
diff --git a/backoffice/src/users/users.controller.ts b/backoffice/src/users/users.controller.ts
deleted file mode 100644
index 86b0989..0000000
--- a/backoffice/src/users/users.controller.ts
+++ /dev/null
@@ -1,17 +0,0 @@
-import { Controller, Get, Req, UseGuards } from '@nestjs/common';
-import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
-import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
-import { UsersService } from './users.service';
-
-@ApiTags('users')
-@Controller('users')
-export class UsersController {
-  constructor(private readonly usersService: UsersService) {}
-
-  @Get('me')
-  @UseGuards(JwtAuthGuard)
-  @ApiBearerAuth()
-  async me(@Req() req: any) {
-    return this.usersService.getSafeUser(req.user.sub);
-  }
-}
diff --git a/backoffice/src/users/users.module.ts b/backoffice/src/users/users.module.ts
index b136a7d..ac3dd9e 100644
--- a/backoffice/src/users/users.module.ts
+++ b/backoffice/src/users/users.module.ts
@@ -1,12 +1,10 @@
 import { Module } from '@nestjs/common';
 import { PrismaModule } from '../prisma/prisma.module';
-import { UsersController } from './users.controller';
 import { UsersService } from './users.service';
 
 @Module({
   imports: [PrismaModule],
-  controllers: [UsersController],
   providers: [UsersService],
   exports: [UsersService],
 })
-export class UsersModule {}
+export class UsersModule { }