diff --git a/docker/kratos/oathkeeper/access-rules.yml b/docker/kratos/oathkeeper/access-rules.yml
index be64f3d0..af09b2c7 100644
--- a/docker/kratos/oathkeeper/access-rules.yml
+++ b/docker/kratos/oathkeeper/access-rules.yml
@@ -56,6 +56,10 @@
     handler: allow
   mutators:
     - handler: id_token
+    - handler: header
+      config:
+        headers:
+          X-User: "{{ print .Subject }}"
   errors:
     - handler: redirect
       config:
@@ -66,7 +70,7 @@
     preserve_host: true
     url: "http://accounts:3000"
   match:
-    url: "http://oathkeeper<{,:4455}>/<{user,user/**,square/**,login,logout}>"
+    url: "http://oathkeeper<{,:4455}>/<{user,user/**,login,logout}>"
     methods:
       - GET
       - POST
@@ -76,10 +80,6 @@
     handler: allow
   mutators:
     - handler: id_token
-    - handler: header
-      config:
-        headers:
-          X-User: "{{ print .Subject }}"
   errors:
     - handler: redirect
       config: