diff --git a/frontends/postgres/src/utils/session.ts b/frontends/postgres/src/utils/session.ts
index 56a0baa60..1a8e7735c 100644
--- a/frontends/postgres/src/utils/session.ts
+++ b/frontends/postgres/src/utils/session.ts
@@ -3,19 +3,20 @@ import { cookies } from 'next/headers';
 
 const SESSION_COOKIE_NAME = 'admin-session';
 
-// Get JWT secret and throw error if not provided
+// Get JWT secret lazily to avoid build-time errors during static page generation
+let _jwtSecret: Uint8Array | null = null;
+
 function getJwtSecret(): Uint8Array {
-  const secret = process.env.JWT_SECRET;
-
-  if (!secret) {
-    throw new Error('JWT_SECRET environment variable is required');
+  if (!_jwtSecret) {
+    const secret = process.env.JWT_SECRET;
+    if (!secret) {
+      throw new Error('JWT_SECRET environment variable is required');
+    }
+    _jwtSecret = new TextEncoder().encode(secret);
   }
-
-  return new TextEncoder().encode(secret);
+  return _jwtSecret;
 }
 
-const JWT_SECRET = getJwtSecret();
-
 export type SessionData = {
   userId: number;
   username: string;
@@ -26,7 +27,7 @@ export async function createSession(data: SessionData): Promise<string> {
     .setProtectedHeader({ alg: 'HS256' })
     .setIssuedAt()
     .setExpirationTime('24h')
-    .sign(JWT_SECRET);
+    .sign(getJwtSecret());
 
   return token;
 }
@@ -51,7 +52,7 @@ export async function getSession(): Promise<SessionData | null> {
   }
 
   try {
-    const { payload } = await jwtVerify(token, JWT_SECRET);
+    const { payload } = await jwtVerify(token, getJwtSecret());
     return payload as SessionData;
   } catch {
     return null;