diff --git a/internal/commands/scan.go b/internal/commands/scan.go
index 2664c89e5..75ca8ec03 100644
--- a/internal/commands/scan.go
+++ b/internal/commands/scan.go
@@ -1006,7 +1006,10 @@ func addSCSScan(cmd *cobra.Command, resubmitConfig []wrappers.Config, hasEnterpr
 		SCSMapConfig := make(map[string]interface{})
 		SCSMapConfig[resultsMapType] = commonParams.MicroEnginesType // scs is still microengines in the scans API
 		userScanTypes, _ := cmd.Flags().GetString(commonParams.ScanTypes)
-		scsRepoToken, _ := cmd.Flags().GetString(commonParams.SCSRepoTokenFlag)
+		scsRepoToken := viper.GetString(commonParams.ScsRepoTokenKey)
+		if token, _ := cmd.Flags().GetString(commonParams.SCSRepoTokenFlag); token != "" {
+			scsRepoToken = token
+		}
 		viper.Set(commonParams.SCSRepoTokenFlag, scsRepoToken) // sanitizeLogs uses viper to get the value
 		scsRepoURL, _ := cmd.Flags().GetString(commonParams.SCSRepoURLFlag)
 		viper.Set(commonParams.SCSRepoURLFlag, scsRepoURL) // sanitizeLogs uses viper to get the value
diff --git a/internal/params/binds.go b/internal/params/binds.go
index cbdb064b1..75315fadd 100644
--- a/internal/params/binds.go
+++ b/internal/params/binds.go
@@ -68,4 +68,5 @@ var EnvVarsBinds = []struct {
 	{AiProxyAzureAiRouteKey, AiProxyAzureAiRouteEnv, "api/ai-proxy/redirect/externalAzure"},
 	{AiProxyCheckmarxAiRouteKey, AiProxyCheckmarxAiRouteEnv, "api/ai-proxy/redirect/azure"},
 	{ASCAPortKey, ASCAPortEnv, ""},
+	{ScsRepoTokenKey, ScsRepoTokenEnv, ""},
 }
diff --git a/internal/params/envs.go b/internal/params/envs.go
index 23ece827e..a4ed087ee 100644
--- a/internal/params/envs.go
+++ b/internal/params/envs.go
@@ -67,4 +67,5 @@ const (
 	AiProxyAzureAiRouteEnv              = "CX_AIPROXY_AZUREAI_ROUTE"
 	AiProxyCheckmarxAiRouteEnv          = "CX_AIPROXY_CHECKMARXAI_ROUTE"
 	ASCAPortEnv                         = "CX_ASCA_PORT"
+	ScsRepoTokenEnv                     = "SCS_REPO_TOKEN"
 )
diff --git a/internal/params/keys.go b/internal/params/keys.go
index 6cfd007f9..37c0de34d 100644
--- a/internal/params/keys.go
+++ b/internal/params/keys.go
@@ -67,4 +67,5 @@ var (
 	AiProxyAzureAiRouteKey              = strings.ToLower(AiProxyAzureAiRouteEnv)
 	AiProxyCheckmarxAiRouteKey          = strings.ToLower(AiProxyCheckmarxAiRouteEnv)
 	ASCAPortKey                         = strings.ToLower(ASCAPortEnv)
+	ScsRepoTokenKey                     = strings.ToLower(ScsRepoTokenEnv)
 )
diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go
index 41f922d2f..004d832ab 100644
--- a/test/integration/scan_test.go
+++ b/test/integration/scan_test.go
@@ -939,7 +939,6 @@ func getCreateArgsWithNameAndGroups(source string, tags map[string]string, group
 		flag(params.TagList), formatTags(tags),
 		flag(params.BranchFlag), SlowRepoBranch,
 		flag(params.ProjectGroupList), formatGroups(groups),
-		flag(params.DebugFlag),
 	}
 
 	if strings.Contains(scanTypes, "scs") {
@@ -1804,6 +1803,28 @@ func TestCreateScan_WithTypeScsMissingRepoURL_Fail(t *testing.T) {
 
 func TestCreateScan_WithTypeScsMissingRepoToken_Fail(t *testing.T) {
 	_, projectName := getRootProject(t)
+	scsRepoTokenEnvValue := os.Getenv(params.ScsRepoTokenEnv)
+	defer setEnvVars(map[string]string{params.ScsRepoTokenEnv: scsRepoTokenEnvValue})
+
+	setEnvVars(map[string]string{
+		params.ScsRepoTokenEnv: "",
+	})
+
+	args := []string{
+		"scan", "create",
+		flag(params.ProjectName), projectName,
+		flag(params.SourcesFlag), Zip,
+		flag(params.ScanTypes), "iac-security, scs",
+		flag(params.BranchFlag), "main",
+		flag(params.SCSRepoURLFlag), scsRepoURL,
+	}
+
+	err, _ := executeCommand(t, args...)
+	assert.Error(t, err, commands.ScsRepoRequiredMsg)
+}
+
+func TestCreateScan_ScsRepoTokenEnvConfigured_Success(t *testing.T) {
+	_, projectName := getRootProject(t)
 
 	args := []string{
 		"scan", "create",