diff --git a/token-checker-server/src/main/helm/templates/deployment.yaml b/token-checker-server/src/main/helm/templates/deployment.yaml
index 7b5607e8dae9b85e8687042104eedc60ec2baf12..c6f4b6f6b03b091b53d9b05c6df4dab0c86662f5 100644
--- a/token-checker-server/src/main/helm/templates/deployment.yaml
+++ b/token-checker-server/src/main/helm/templates/deployment.yaml
@@ -70,10 +70,14 @@ spec:
             value: file:///keystore/enc.crt
           - name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_METADATA
             value: file:///metadata/muk-idp-infra.xml
-          - name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_USE-ID-AS-POSTKORB-HANDLE
-            value: {{ quote (index ((.Values.ozgcloud).tokenChecker).entities 0).useIdAsPostkorbHandle | default "\"true\""}}
+          - name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_USE-ID-AS-POSTFACH-ID
+            value: {{ quote (index ((.Values.ozgcloud).tokenChecker).entities 0).useIdAsPostfachId | default "\"true\""}}
           - name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_MAPPINGS_TRUST-LEVEL
             value: {{ required "at least one ozgcloud.token.check.entities.mappings trustlevel must be set" (index ((.Values.ozgcloud).tokenChecker).entities 0).mappings.trustLevel }}
+          {{- if eq (index ((.Values.ozgcloud).tokenChecker).entities 0).useIdAsPostfachId false }}
+          - name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_MAPPINGS_POSTFACH-ID
+            value: {{ required "at least one ozgcloud.token.check.entities.mappings postfachId must be set" (index ((.Values.ozgcloud).tokenChecker).entities 0).mappings.postfachId }}
+          {{- end }}
 
           {{- with include "app.getCustomList" . }}
 {{ . | indent 10 }}
diff --git a/token-checker-server/src/test/helm/deployment_env_test.yaml b/token-checker-server/src/test/helm/deployment_env_test.yaml
index f50146c1ca69768da87a9bf96b2e6d13d9115603..1711e8e9d1eb4341ba288587f597fb6a757193ab 100644
--- a/token-checker-server/src/test/helm/deployment_env_test.yaml
+++ b/token-checker-server/src/test/helm/deployment_env_test.yaml
@@ -130,11 +130,6 @@ tests:
           content:
             name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_METADATA
             value: file:///metadata/muk-idp-infra.xml
-      - contains:
-          path: spec.template.spec.containers[0].env
-          content:
-            name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_USE-ID-AS-POSTKORB-HANDLE
-            value: "true"
       - contains:
           path: spec.template.spec.containers[0].env
           content:
@@ -169,3 +164,77 @@ tests:
     asserts:
       - failedTemplate:
           errormessage: "at least one ozgcloud.token.check.entities.mappings trustlevel must be set"
+
+  - it: should set default for useIdAsPostfachId
+    set:
+      env.customList:
+        - name: my_test_environment_name
+          value: "A test value"
+        - name: test_environment
+          value: "B test value"
+      imagePullSecret: test-image-secret
+      samlRegistrationSecretName: muk-saml-registration-secret
+      ozgcloud:
+        environment: dev
+        tokenChecker:
+          entities:
+            - idpEntityId: https://idp-id
+              mappings:
+                trustLevel: TrustLevelNameUsedByIdp
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_USE-ID-AS-POSTFACH-ID
+            value: "true"
+
+  - it: should set custom mapping for PostfachId
+    set:
+      env.customList:
+        - name: my_test_environment_name
+          value: "A test value"
+        - name: test_environment
+          value: "B test value"
+      imagePullSecret: test-image-secret
+      samlRegistrationSecretName: muk-saml-registration-secret
+      ozgcloud:
+        environment: dev
+        tokenChecker:
+          entities:
+            - idpEntityId: https://idp-id
+              useIdAsPostfachId: false
+              mappings:
+                trustLevel: TrustLevelNameUsedByIdp
+                postfachId: PostfachIdNameUsedByIdp
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_USE-ID-AS-POSTFACH-ID
+            value: "false"
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: OZGCLOUD_TOKEN_CHECK_ENTITIES_0_MAPPINGS_POSTFACH-ID
+            value: PostfachIdNameUsedByIdp
+
+  - it: should set fail due to missing mapping for PostfachId
+    set:
+      env.customList:
+        - name: my_test_environment_name
+          value: "A test value"
+        - name: test_environment
+          value: "B test value"
+      imagePullSecret: test-image-secret
+      samlRegistrationSecretName: muk-saml-registration-secret
+      ozgcloud:
+        environment: dev
+        tokenChecker:
+          entities:
+            - idpEntityId: https://idp-id
+              useIdAsPostfachId: false
+              mappings:
+                trustLevel: TrustLevelNameUsedByIdp
+    asserts:
+      - failedTemplate:
+          errormessage: "at least one ozgcloud.token.check.entities.mappings postfachId must be set"