diff --git a/.env.example b/.env.example
index f889b50..3b645f7 100644
--- a/.env.example
+++ b/.env.example
@@ -69,3 +69,6 @@ BASTION_TOKEN_STATUS_ENDPOINT=/bastion_token/{task_id}
 BASTION_TOKEN_TIMEOUT=30
 BASTION_TOKEN_POLL_ATTEMPTS=20
 BASTION_TOKEN_POLL_INTERVAL_MS=500
+BASTION_TOKEN_TASK_TTL_SECONDS=1800
+BASTION_TOKEN_SERVICE=https://myapp.cdu.edu.cn/index.html
+BASTION_TOKEN_VERIFY_SSL=false
diff --git a/app/Http/Controllers/Api/BastionAccountController.php b/app/Http/Controllers/Api/BastionAccountController.php
index d22596e..0c257ff 100644
--- a/app/Http/Controllers/Api/BastionAccountController.php
+++ b/app/Http/Controllers/Api/BastionAccountController.php
@@ -83,6 +83,8 @@ class BastionAccountController extends Controller
         $submitEndpoint = (string) config('services.bastion_token.submit_endpoint', '/bastion_token');
         $timeout = (int) config('services.bastion_token.timeout', 30);
         $taskTtlSeconds = (int) config('services.bastion_token.task_ttl_seconds', 1800);
+        $service = (string) config('services.bastion_token.service', 'https://myapp.cdu.edu.cn/index.html');
+        $verifySsl = (bool) config('services.bastion_token.verify_ssl', false);
 
         try {
             $submitResponse = Http::baseUrl($baseUrl)
@@ -92,6 +94,8 @@ class BastionAccountController extends Controller
                 ->post($submitEndpoint, [
                     'username' => $account->username,
                     'password' => $account->password,
+                    'service' => $service,
+                    'verify_ssl' => $verifySsl,
                 ]);
 
             if (! $submitResponse->successful()) {
@@ -209,8 +213,14 @@ class BastionAccountController extends Controller
         }
 
         if (! (bool) ($taskMeta['finished'] ?? false)) {
-            $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', '');
-            $usm = (string) data_get($taskResult, 'data.USM', '');
+            $usmAuthentication = (string) data_get($taskResult, 'data.bastion.token_cookies.USM-AUTHENTICATION', '');
+            $usm = (string) data_get($taskResult, 'data.bastion.token_cookies.USM', '');
+
+            // 向后兼容旧版任务服务返回结构
+            if ($usmAuthentication === '' || $usm === '') {
+                $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', $usmAuthentication);
+                $usm = (string) data_get($taskResult, 'data.USM', $usm);
+            }
 
             if ($usmAuthentication === '' || $usm === '') {
                 return response()->json([
diff --git a/config/services.php b/config/services.php
index b38f0f9..8877fd4 100644
--- a/config/services.php
+++ b/config/services.php
@@ -39,6 +39,8 @@ return [
         'poll_attempts' => (int) env('BASTION_TOKEN_POLL_ATTEMPTS', 60),
         'poll_interval_ms' => (int) env('BASTION_TOKEN_POLL_INTERVAL_MS', 500),
         'task_ttl_seconds' => (int) env('BASTION_TOKEN_TASK_TTL_SECONDS', 1800),
+        'service' => env('BASTION_TOKEN_SERVICE', 'https://myapp.cdu.edu.cn/index.html'),
+        'verify_ssl' => (bool) env('BASTION_TOKEN_VERIFY_SSL', false),
     ],
 
     'bastion_access' => [