diff --git a/example/images/miniflux/Dockerfile b/example/images/miniflux/Dockerfile
index 35624ce..6419ab1 100644
--- a/example/images/miniflux/Dockerfile
+++ b/example/images/miniflux/Dockerfile
@@ -1,7 +1,7 @@
-FROM danielberteaud/alpine:24.9-1
+FROM danielberteaud/alpine:24.9-3
 LABEL maintainer="Daniel Berteaud "
-ARG MINIFLUX_VERSION=2.2.0
+ARG MINIFLUX_VERSION=2.2.1
 ENV LISTEN_ADDR=0.0.0.0:8085 \
 RUN_MIGRATIONS=1 \
diff --git a/example/miniflux.nomad.hcl b/example/miniflux.nomad.hcl
index 6890709..b960e23 100644
--- a/example/miniflux.nomad.hcl
+++ b/example/miniflux.nomad.hcl
@@ -107,7 +107,7 @@ job "miniflux" {
 user = 1053
 config {
- image = "danielberteaud/wait-for:24.8-1"
+ image = "danielberteaud/wait-for:24.9-1"
 readonly_rootfs = true
 pids_limit = 20
 }
@@ -135,7 +135,7 @@ job "miniflux" {
 driver = "docker"
 config {
- image = "danielberteaud/miniflux:2.2.0-1"
+ image = "danielberteaud/miniflux:2.2.1-1"
 readonly_rootfs = true
 pids_limit = 100
@@ -143,7 +143,7 @@ job "miniflux" {
 vault {
- policies = ["miniflux"]
+ role = "miniflux"
 env = false
 disable_file = true
 change_mode = "noop"
@@ -180,8 +180,9 @@ _EOT
 resources {
- cpu = 50
- memory = 192
+ cpu = 50
+ memory = 192
+ memory_max = 256
 }
 }
diff --git a/example/vault/roles/miniflux.json b/example/vault/roles/miniflux.json
new file mode 100644
index 0000000..8563d90
--- /dev/null
+++ b/example/vault/roles/miniflux.json
@@ -0,0 +1,25 @@
+{
+ "bound_audiences": [
+ "vault.io"
+ ],
+ "bound_claims": {
+ "nomad_job_id": "miniflux",
+ "nomad_namespace": "default"
+ },
+ "claim_mapping": {
+ "nomad_allocation_id": "nomad_allocation_id",
+ "nomad_job_id": "nomad_job_id",
+ "nomad_namespace": "nomad_namespace",
+ "nomad_task": "nomad_task"
+ },
+ "role_type": "jwt",
+ "token_explicit_max_ttl": 0,
+ "token_period": "1h",
+ "token_policies": [
+ "miniflux"
+ ],
+ "token_type": "service",
+ "user_claim": "/nomad_allocation_id",
+ "user_claim_json_pointer": true
+}
+
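Review bot: With `role = "miniflux"` replacing `policies = ["miniflux"]` in the `vault` block, the job file no longer shows which policies the task's token carries; they are now decided only by the Vault JWT role of that name. A comment above the line, for example `# Policies are attached by the Vault JWT role "miniflux" (example/vault/roles/miniflux.json)`, would keep that traceable for anyone auditing the job. The role and the JWT auth method presumably have to exist in Vault before this job is submitted, so the ordering deserves a sentence in the deployment notes. The `vault` block starts and ends outside this hunk.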
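Review bot: `memory_max = 256` in the `resources` block only has an effect when memory oversubscription is enabled in the Nomad scheduler configuration; without it the task stays capped at `memory = 192`. A comment next to the line, such as `# memory_max requires memory oversubscription to be enabled on the cluster`, would make that dependency visible. The same applies to the `memory_max: 256` default added in variables.yml.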
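Review bot: `bound_claims` ties this role to `nomad_job_id` and `nomad_namespace` only, so every task of the `miniflux` job that is issued a Vault identity can log in and receive the `miniflux` policy. Since `nomad_task` is already in `claim_mapping`, adding `"nomad_task": "<TASK_NAME>"` to `bound_claims` would narrow the role to the one task that needs the secrets. `"token_explicit_max_ttl": 0` together with `"token_period": "1h"` yields a periodic token with no upper lifetime, so a token copied out of an allocation stays usable for as long as it keeps being renewed; a shorter period, or a non-zero explicit maximum if the workload tolerates re-login, would bound that window. The rendered vault/roles/miniflux.json comes from the `common/vault.jwt_role` template, which is not visible here, and should be checked for the same two settings.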
diff --git a/variables.yml b/variables.yml
index b201480..b7f1c5f 100644
--- a/variables.yml
+++ b/variables.yml
@@ -6,7 +6,7 @@ instance: miniflux
 miniflux:
 # Version of miniflux
- version: 2.2.0
+ version: 2.2.1
 # Docker image to use
 image: '[[ .docker.repo ]]miniflux:[[ .miniflux.version ]]-1'
@@ -18,6 +18,7 @@ miniflux:
 resources:
 cpu: 50
 memory: 192
+ memory_max: 256
 wait_for:
 - service: primary.postgres[[ .consul.suffix ]]
@@ -29,8 +30,10 @@ miniflux:
 local_bind_port: 5432
 vault:
- policies:
- - '[[ .instance ]][[ .consul.suffix ]]'
+ workload_identity:
+ role:
+ token_policies:
+ - '[[ .instance ]][[ .consul.suffix ]]'
 # Additional env var to pass to the container
 env: {}
diff --git a/vault/roles/miniflux.json b/vault/roles/miniflux.json
new file mode 100644
index 0000000..146d7e7
--- /dev/null
+++ b/vault/roles/miniflux.json
@@ -0,0 +1 @@
+[[ template "common/vault.jwt_role" merge .miniflux . ]]
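Review bot: The new `vault.workload_identity.role.token_policies` default has no comment, unlike the neighbouring keys (`# Version of miniflux`, `# Docker image to use`), and it sits three levels deeper than the `policies` list it replaces. A line above `workload_identity:`, such as `# Policies attached to the Vault JWT role this job authenticates with (workload identity)`, would make clear that the list now feeds the role definition rather than the job's `vault` block. A site override that still sets `vault.policies` will presumably be ignored without any error after this change, which could leave a deployment with different Vault privileges than its operator intended, so the key rename is worth an entry in the upgrade notes.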