diff --git a/backend/.development.env b/backend/.development.env index fa58925f8..e14d1d52d 100755 --- a/backend/.development.env +++ b/backend/.development.env @@ -57,6 +57,9 @@ JWT_SECRET=MySuperSecretJwtSecret TEMPORARY_JWT_SECRET=MySuperSecretTemporaryJwtSecret +# session secret for storing ai history +# you need it if you want to use openai service +# required if OPENAI_API_KEY is set SESSION_SECRET=MySuperSecretSessionSecret # for authorization with google diff --git a/backend/src/helpers/validators/required-environment-variables.validator.ts b/backend/src/helpers/validators/required-environment-variables.validator.ts index 75e798902..fda3ffe7a 100644 --- a/backend/src/helpers/validators/required-environment-variables.validator.ts +++ b/backend/src/helpers/validators/required-environment-variables.validator.ts @@ -1,11 +1,12 @@ import { Messages } from '../../exceptions/text/messages.js'; export function requiredEnvironmentVariablesValidator(): void { - const requiredParameterNames: Array = [ - 'DATABASE_URL', - 'PRIVATE_KEY', - 'JWT_SECRET', - ]; + const requiredParameterNames: Array = ['DATABASE_URL', 'PRIVATE_KEY', 'JWT_SECRET']; + + if (process.env.OPENAI_API_KEY && process.env.OPENAI_API_KEY.length) { + requiredParameterNames.push('SESSION_SECRET'); + } + const requiredParameters: Array<{ [k: string]: string | null }> = requiredParameterNames.map((paramName) => { const paramValue = getEnvironmentVariable(paramName); return { diff --git a/backend/src/main.ts b/backend/src/main.ts index b035250a6..03cba7638 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts 
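Review bot: Pushing `SESSION_SECRET` onto `requiredParameterNames` only makes the variable mandatory; nothing in the visible lines checks its strength, so the sample value `MySuperSecretSessionSecret` from `.development.env` would presumably pass as-is. Since this secret signs the `rocketadmin.sid` cookie configured in `main.ts`, consider rejecting the known placeholder and very short values when the OpenAI feature is enabled, or at least add a comment such as `// SESSION_SECRET signs the session cookie; use a long random value outside development`. The condition can also be shortened to `if (process.env.OPENAI_API_KEY?.trim()) {`, which additionally ignores a whitespace-only key. The rest of `requiredEnvironmentVariablesValidator` lies outside this hunk.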
@@ -43,20 +43,23 @@ async function bootstrap() { app.use(cookieParser()); const cookieDomain = process.env.ROCKETADMIN_COOKIE_DOMAIN || undefined; - app.use( - session({ - secret: process.env.SESSION_SECRET, - resave: false, - saveUninitialized: false, - cookie: { - secure: true, - domain: cookieDomain, - maxAge: 2 * 60 * 60 * 1000, - httpOnly: true, - }, - name: 'rocketadmin.sid', - }), - ); + const sessionSecret = process.env.SESSION_SECRET || undefined; + if (sessionSecret) { + app.use( + session({ + secret: sessionSecret, + resave: false, + saveUninitialized: false, + cookie: { + secure: true, + domain: cookieDomain, + maxAge: 2 * 60 * 60 * 1000, + httpOnly: true, + }, + name: 'rocketadmin.sid', + }), + ); + } app.enableCors({ origin: [
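Review bot: When `SESSION_SECRET` is unset, the new `if (sessionSecret)` guard skips the session middleware without any message, so a handler that reads `req.session` would find it undefined at request time rather than at startup. The validator gates on `OPENAI_API_KEY` while this guard gates on `SESSION_SECRET`, so the two conditions can drift apart; an `else` branch with a startup log would make the disabled state visible, e.g. `else { console.warn('SESSION_SECRET is not set: session middleware disabled'); }`. The `|| undefined` is redundant because the `if` already treats an empty string as falsy. The options pass no `store` and no `cookie.sameSite`; if `session` is express-session (its import is outside the hunk), that means the in-memory default store, which does not survive restarts or span multiple instances. `bootstrap()` starts and ends outside the hunk.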