diff --git a/project/base_settings.py b/project/base_settings.py
index 41033b1..224dcc9 100644
--- a/project/base_settings.py
+++ b/project/base_settings.py
@@ -3,7 +3,6 @@
 import os
 import sys
-
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
@@ -140,14 +139,14 @@
 }
 }
-if os.getenv('AUTH', 'NONE') == 'SAML_MOCK' or os.getenv('AUTH', 'NONE') == 'SAML':
+if os.getenv('AUTH', '') == 'SAML_MOCK' or os.getenv('AUTH', '') == 'SAML':
 INSTALLED_APPS += ['uw_saml']
 LOGIN_URL = reverse_lazy('saml_login')
 LOGOUT_URL = reverse_lazy('saml_logout')
 SAML_USER_ATTRIBUTE = os.getenv('SAML_USER_ATTRIBUTE', 'uwnetid')
 SAML_FORCE_AUTHN = os.getenv('SAML_FORCE_AUTHN', False)
- if os.getenv('AUTH', 'NONE') == 'SAML_MOCK':
+ if os.getenv('AUTH', '') == 'SAML_MOCK':
 MOCK_SAML_ATTRIBUTES = {
 'uwnetid': ['javerage'],
 'affiliations': ['student', 'member', 'alum', 'staff', 'employee'],
@@ -157,7 +156,7 @@
 'u_astratest_myuw_test-support-admin'],
 }
- elif os.getenv('AUTH', 'NONE') == 'SAML':
+ elif os.getenv('AUTH', '') == 'SAML':
 CLUSTER_CNAME = os.getenv('CLUSTER_CNAME', 'localhost')
 UW_SAML = {
 'strict': True,
@@ -165,17 +164,16 @@
 'sp': {
 'entityId': os.getenv('SAML_ENTITY_ID', 'https://' + CLUSTER_CNAME + '/saml'),
 'assertionConsumerService': {
- 'url': 'https://' + CLUSTER_CNAME + '/saml/sso',
+ 'url': 'https://' + CLUSTER_CNAME + reverse_lazy('saml_sso'),
 'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
 },
 'singleLogoutService': {
- 'url': 'https://' + CLUSTER_CNAME + '/saml/logout',
+ 'url': 'https://' + CLUSTER_CNAME + LOGOUT_URL,
 'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
 },
 'NameIDFormat': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
 'x509cert': os.getenv('SP_CERT', ''),
- if os.getenv('SP_PRIVATE_KEY', None):
- 'privateKey': os.getenv('SP_PRIVATE_KEY'),
+ 'privateKey': os.getenv('SP_PRIVATE_KEY', ''),
 },
 'idp': {
 'entityId': 'urn:mace:incommon:washington.edu',
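Review bot: The `SAML_MOCK` branch in the `@@ -140,14 +139,14 @@` hunk is selected by the `AUTH` environment value alone, and nothing visible here ties it to a non-production deployment even though the mock attributes carry a fixed `uwnetid` and a `test-support-admin` group. A fail-closed guard at the top of that branch would make a misconfigured production container refuse to start, for example `if not DEBUG: raise ImproperlyConfigured('AUTH=SAML_MOCK requires DEBUG')`, assuming `DEBUG` is defined earlier in this module (not visible in the hunk). As a smaller point, `os.getenv('AUTH', '')` is now evaluated four times in this file and twice more in base_urls.py; reading it once as `AUTH = os.getenv('AUTH', '')` keeps the comparisons from drifting apart again. The `MOCK_SAML_ATTRIBUTES` dict continues past the end of this hunk.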
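Review bot: In the `@@ -165,17 +164,16 @@` hunk, `'https://' + CLUSTER_CNAME + reverse_lazy('saml_sso')` and `'https://' + CLUSTER_CNAME + LOGOUT_URL` add a plain `str` to a lazy proxy inside the settings module. Depending on the Django version this either raises `TypeError` or forces the URL to be resolved while settings are still being imported, before the URLconf can be loaded. Because `'strict': True` makes the assertionConsumerService URL part of response validation, the value should be a plain string that is known at import time: either keep the literal `'/saml/sso'` and `'/saml/logout'` paths with a comment pointing at the `^saml/` prefix in base_urls.py, or build the URLs where a request is available. Separately, `'privateKey': os.getenv('SP_PRIVATE_KEY', '')` now always supplies a key, which is empty when the variable is unset; if this deployment signs requests (not visible here), an explicit check that `SP_CERT` and `SP_PRIVATE_KEY` are non-empty when `AUTH == 'SAML'` would surface the misconfiguration at startup. The `UW_SAML` dict starts and ends outside this hunk.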
@@ -194,9 +192,8 @@
 'wantMessagesSigned': os.getenv('SP_WANT_MESSAGES_SIGNED', True),
 'wantAssertionsSigned': os.getenv('SP_WANT_ASSERTIONS_SIGNED', False),
 'wantAssertionsEncrypted': os.getenv('SP_WANT_ASSERTIONS_ENCRYPTED', False),
- if os.getenv('SP_USE_2FA', False):
- 'requestedAuthnContext': ['urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken'],
- 'failOnAuthnContextMismatch': True,
+ 'requestedAuthnContext': ['urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken'] if os.getenv('SP_USE_2FA', False) else False,
+ 'failOnAuthnContextMismatch': os.getenv('SP_USE_2FA', False),
 }
 }
diff --git a/project/base_urls.py b/project/base_urls.py
index bef6085..759b29b 100644
--- a/project/base_urls.py
+++ b/project/base_urls.py
@@ -1,8 +1,8 @@
 from django.urls import include, re_path
 import os
-urlpatterns = [
-]
+urlpatterns = []
-if os.getenv("AUTH", "mock") == "SAML" or os.getenv("AUTH", "SAML_MOCK") == "SAML_MOCK":
- urlpatterns += [ re_path(r'^saml/', include('uw_saml.urls')) ]
+
+if os.getenv('AUTH', '') == 'SAML' or os.getenv('AUTH', '') == 'SAML_MOCK':
+ urlpatterns += [re_path(r'^saml/', include('uw_saml.urls'))]
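Review bot: In the `@@ -194,9 +192,8 @@` hunk, `os.getenv('SP_USE_2FA', False)` returns a string whenever the variable is set, so `SP_USE_2FA=false` or `SP_USE_2FA=0` is still truthy. `failOnAuthnContextMismatch` then receives that string rather than a boolean, and the two new lines read the variable separately. Parsing it once before the dict makes the enforced policy explicit: `USE_2FA = os.getenv('SP_USE_2FA', '').lower() in ('1', 'true', 'yes')`, then `[...] if USE_2FA else False` and `'failOnAuthnContextMismatch': USE_2FA`. The same string-versus-boolean pattern appears on the `wantMessagesSigned`, `wantAssertionsSigned` and `wantAssertionsEncrypted` context lines, where a value such as `'False'` would also count as enabled, so the signature and encryption requirements deserve the same explicit parsing. The enclosing dict starts outside this hunk.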