diff --git a/backend/config/db.php b/backend/config/db.php
index 2d7380e..3a6a9c1 100644
--- a/backend/config/db.php
+++ b/backend/config/db.php
@@ -40,17 +40,20 @@ if (!$envLoaded) {
 }
 // Security: API Key Validation
-$expectedApiKey = $_ENV['API_KEY'] ?? 'JORDAN_BOT_SECRET_2026'; // Fallback if not in .env
+$expectedApiKey = $_ENV['API_KEY'] ?? 'JORDAN_BOT_SECRET_2026';
 $headers = getallheaders();
 $providedKey = $headers['X-API-Key'] ?? ($headers['x-api-key'] ?? null);
+// Debug Logging
+error_log("JordanBot API Check: Provided Key: [$providedKey], Expected Key (from ENV): [" . ($_ENV['API_KEY'] ?? 'NULL') . "], Fallback: [JORDAN_BOT_SECRET_2026]");
+
 if ($providedKey !== $expectedApiKey) {
 http_response_code(401);
 echo json_encode(['success' => false, 'message' => 'Unauthorized: Invalid or missing API Key']);
 exit;
 }
-// Extra Security: App Signature Fingerprint Validation (Optional)
+// Extra Security: App Signature Fingerprint Validation (Temporarily Disabled for Debugging)
 /*
 $expectedSignatures = $_ENV['APP_SIGNATURE_SHA256'] ?? null;
 if (!empty($expectedSignatures)) {
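Review bot: The added `error_log(...)` call writes the caller-supplied key, the configured `$_ENV['API_KEY']` and the literal fallback string into the PHP error log on every request, so anyone who can read that log can read the credential; it should record at most whether a key was supplied, and be removed once debugging is done. The rewritten `$expectedApiKey` line still falls back to a constant committed in the repository, which means a deployment without `API_KEY` set accepts a key that is public; the check should fail closed when the variable is missing. The `!==` comparison in the context lines is also not constant-time, and `hash_equals()` is the usual replacement. The last changed line only relabels the signature check as disabled for debugging; its `/*` was already there before this commit and the block runs past the end of the hunk, so whether it is ever re-enabled cannot be seen from here.

```php
// No built-in fallback: an unset API_KEY must reject every request.
$expectedApiKey = $_ENV['API_KEY'] ?? null;
// … unchanged: getallheaders() lookup that fills $providedKey …

// Log only whether a key was supplied, never the key material itself.
error_log('JordanBot API Check: key ' . ($providedKey === null ? 'missing' : 'supplied'));

if (
    !is_string($expectedApiKey) || $expectedApiKey === ''
    || !is_string($providedKey)
    || !hash_equals($expectedApiKey, $providedKey)
) {
    // … unchanged: 401 response and exit …
}
```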