diff --git a/policies/oceanbox/kyverno/add-openfga-secret.yaml b/policies/oceanbox/kyverno/add-openfga-secret.yaml
index 2f1d58a4..14965eec 100644
--- a/policies/oceanbox/kyverno/add-openfga-secret.yaml
+++ b/policies/oceanbox/kyverno/add-openfga-secret.yaml
@@ -16,8 +16,8 @@ spec:
           kinds:
           - Secret
           names:
-          - prod-openfga-superuser
-          - staging-openfga-superuser
+          - prod-openfga-db-superuser
+          - staging-openfga-db-superuser
     mutate:
       targets:
         - apiVersion: v1
@@ -25,8 +25,8 @@ spec:
           name: "{{ request.object.metadata.name }}"
       patchStrategicMerge:
         stringData:
-          postgres-password: '{{ request.object.data."password" | base64_decode(@) }}'
-          uri: postgres://postgres:{{ request.object.data."password" | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}
+          postgres-password: '{{ request.object.data.password | base64_decode(@) }}'
+          uri: 'postgres://{{ request.object.data.username | base64_decode(@) }}:{{ request.object.data.password | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}-rw/app?sslmode=disable'
     skipBackgroundRequests: true
   validationFailureAction: Audit