diff --git a/server/api/auth/login.post.ts b/server/api/auth/login.post.ts
index 7087e04..2004b14 100644
--- a/server/api/auth/login.post.ts
+++ b/server/api/auth/login.post.ts
@@ -3,6 +3,8 @@ import { z } from 'zod'
 const bodySchema = z.object({
     documento: z.string().trim().min(11).max(20).optional(),
     returnTo: z.string().startsWith('/').max(200).optional(),
+    primary: z.string().regex(/^[0-9a-fA-F]{6}$/).optional(),
+    dark: z.boolean().optional(),
 })
 
 export default defineEventHandler(async (event) => {
@@ -26,6 +28,8 @@ export default defineEventHandler(async (event) => {
         state,
         redirectUri,
         loginHint: body.data.documento?.replace(/\D/g, ''),
+        primary: body.data.primary,
+        dark: body.data.dark,
     })
 
     return { authUrl }
diff --git a/server/utils/keycloak.ts b/server/utils/keycloak.ts
index 77abd80..6f9eb37 100644
--- a/server/utils/keycloak.ts
+++ b/server/utils/keycloak.ts
@@ -18,6 +18,8 @@ export function buildAuthUrl(opts: {
     state: string
     redirectUri: string
     loginHint?: string
+    primary?: string
+    dark?: boolean
 }): string {
     const cfg = useRuntimeConfig()
     const params = new URLSearchParams({
@@ -30,6 +32,8 @@ export function buildAuthUrl(opts: {
         state: opts.state,
     })
     if (opts.loginHint) params.set('login_hint', opts.loginHint)
+    if (opts.primary)   params.set('primary', opts.primary)
+    if (opts.dark !== undefined) params.set('dark', String(opts.dark))
     return `${realmBase()}/protocol/openid-connect/auth?${params.toString()}`
 }
 
diff --git a/src/composables/useAuth.ts b/src/composables/useAuth.ts
index 659d803..74bd760 100644
--- a/src/composables/useAuth.ts
+++ b/src/composables/useAuth.ts
@@ -1,5 +1,6 @@
 import { computed } from 'vue'
 import { useAuthStore } from '@/stores/authStore'
+import { usePrefeituraStore } from '@/stores/prefeituraStore'
 
 interface MeResponse {
     name: string
@@ -10,15 +11,33 @@ interface MeResponse {
 
 const FETCH_HEADERS = { 'X-Requested-With': 'fetch' }
 
+const TEMPLATE_COLORS: Record<string, string> = {
+    tutoia: 'f97316',
+    amber: 'f59e0b',
+    blue: '3b82f6',
+    indigo: '6366f1',
+    violet: '8b5cf6',
+    emerald: '10b981',
+    teal: '14b8a6',
+    rose: 'f43f5e',
+    zinc: '71717a',
+}
+
 export function useAuth() {
     const store = useAuthStore()
     const router = useRouter()
 
     async function login(documento?: string, returnTo?: string) {
+        const template = usePrefeituraStore().template as string | null
+        const primary = template ? (TEMPLATE_COLORS[template] ?? '') : ''
+        const dark = import.meta.client
+            ? (window.matchMedia?.('(prefers-color-scheme: dark)').matches ?? false)
+            : false
+
         const res = await $fetch<{ authUrl: string }>('/api/auth/login', {
             method: 'POST',
             headers: FETCH_HEADERS,
-            body: { documento, returnTo },
+            body: { documento, returnTo, primary: primary || undefined, dark },
         })
         if (import.meta.client) {
             window.location.href = res.authUrl