diff --git a/auth.go b/auth.go
index 2d9c0e4..a6bdb53 100644
--- a/auth.go
+++ b/auth.go
@@ -57,7 +57,7 @@ func (config *Config) AuthorizeApiKey(apiKey string, accountIDs []string) (autho
 		WHERE ApiKeys.ApiKey = @api_key
 			AND ApiKeys.AccountId IN UNNEST (@account_ids)
 			AND LOWER(Roles.ServicePath) = @service_path
-			AND LOWER(Roles.ServiceMethod) = @service_method
+			AND UPPER(Roles.ServiceMethod) = @service_method
 	`
 
 	// Find all accounts if no account ids mentioned
@@ -98,7 +98,7 @@ func (config *Config) AuthorizeToken(userEmail string, accountIDs []string) (aut
 		WHERE Users.UserEmail = @user_email
 			AND Users.AccountId IN UNNEST (@account_ids)
 			AND LOWER(Roles.ServicePath) = @service_path
-			AND LOWER(Roles.ServiceMethod) = @service_method
+			AND UPPER(Roles.ServiceMethod) = @service_method
 	`
 
 	// Find all accounts if no account ids mentioned
diff --git a/config.go b/config.go
index d17ec17..d7a0c1a 100644
--- a/config.go
+++ b/config.go
@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"log"
 	"os"
+	"strings"
 )
 
 // Config ...
@@ -52,5 +53,8 @@ func ReadConfig() (config *Config) {
 	defer configFile.Close()
 
 	json.NewDecoder(configFile).Decode(&config)
+
+	config.Service.Path = strings.ToLower(config.Service.Path)
+	config.Service.Method = strings.ToUpper(config.Service.Method)
 	return
 }
diff --git a/headers.go b/headers.go
index c4379aa..e390a4d 100644
--- a/headers.go
+++ b/headers.go
@@ -9,6 +9,6 @@ func (config Config) SetHeaders(w http.ResponseWriter, req *http.Request) {
 
 	// Set CORS Headers
 	w.Header().Set("Access-Control-Allow-Origin", config.Cors.AllowOrigins)
-	w.Header().Set("Access-Control-Allow-Methods", config.Service.Method+", options")
+	w.Header().Set("Access-Control-Allow-Methods", config.Service.Method+", OPTIONS")
 	w.Header().Set("Access-Control-Allow-Headers", config.Cors.AllowHeaders)
 }
diff --git a/router.go b/router.go
index cfe058c..b0f3303 100644
--- a/router.go
+++ b/router.go
@@ -16,6 +16,7 @@ func (config *Config) Router(w http.ResponseWriter, req *http.Request) {
 	// Set Content Type and CORS headers
 	config.SetHeaders(w, req)
 
+	// NOTE: req.Method and config.Service.Method should be converted to same case to match
 	switch req.Method {
 	case config.Service.Method:
 		// Valid request to be processed by the Controller method