diff --git a/src/backend/core/services/collaboration_services.py b/src/backend/core/services/collaboration_services.py
index 9120321d..283a8742 100644
--- a/src/backend/core/services/collaboration_services.py
+++ b/src/backend/core/services/collaboration_services.py
@@ -26,6 +26,7 @@ class CollaborationService:
         # same pod thanks to a parameter
         endpoint_url = f"{settings.COLLABORATION_API_URL}{endpoint}/?room={room}"
 
+        # Note: Collaboration microservice accepts only raw token, which is not recommended
         headers = {"Authorization": settings.COLLABORATION_SERVER_SECRET}
         if user_id:
             headers["X-User-Id"] = user_id
diff --git a/src/backend/core/services/converter_services.py b/src/backend/core/services/converter_services.py
index d140d10f..5213bac8 100644
--- a/src/backend/core/services/converter_services.py
+++ b/src/backend/core/services/converter_services.py
@@ -31,6 +31,7 @@ class YdocConverter:
     @property
     def auth_header(self):
         """Build microservice authentication header."""
+        # Note: Yprovider microservice accepts only raw token, which is not recommended
         return settings.Y_PROVIDER_API_KEY
 
     def convert_markdown(self, text):
diff --git a/src/frontend/servers/y-provider/src/middlewares.ts b/src/frontend/servers/y-provider/src/middlewares.ts
index 49d9b472..11344a27 100644
--- a/src/frontend/servers/y-provider/src/middlewares.ts
+++ b/src/frontend/servers/y-provider/src/middlewares.ts
@@ -25,6 +25,7 @@ export const httpSecurity = (
   }
 
   // Secret API Key check
+  // Note: Changing this header to Bearer token format will break backend compatibility with this microservice.
   const apiKey = req.headers['authorization'];
   if (apiKey !== COLLABORATION_SERVER_SECRET) {
     res.status(403).json({ error: 'Forbidden: Invalid API Key' });