diff --git a/app/controlplane/cmd/wire_gen.go b/app/controlplane/cmd/wire_gen.go
index 15cb1d5c7..a18514605 100644
--- a/app/controlplane/cmd/wire_gen.go
+++ b/app/controlplane/cmd/wire_gen.go
@@ -100,7 +100,12 @@ func wireApp(bootstrap *conf.Bootstrap, readerWriter credentials.ReaderWriter, l
 	casClientUseCase := biz.NewCASClientUseCase(casCredentialsUseCase, bootstrap_CASServer, logger, v2...)
 	referrerRepo := data.NewReferrerRepo(dataData, workflowRepo, logger)
 	referrerSharedIndex := bootstrap.ReferrerSharedIndex
-	referrerUseCase, err := biz.NewReferrerUseCase(referrerRepo, workflowRepo, membershipUseCase, referrerSharedIndex, logger)
+	referrerSharedIndexConfig, err := biz.NewIndexConfig(referrerSharedIndex)
+	if err != nil {
+		cleanup()
+		return nil, nil, err
+	}
+	referrerUseCase, err := biz.NewReferrerUseCase(referrerRepo, workflowRepo, membershipUseCase, referrerSharedIndexConfig, logger)
 	if err != nil {
 		cleanup()
 		return nil, nil, err
diff --git a/app/controlplane/pkg/biz/biz.go b/app/controlplane/pkg/biz/biz.go
index ee83195e8..81e5023b8 100644
--- a/app/controlplane/pkg/biz/biz.go
+++ b/app/controlplane/pkg/biz/biz.go
@@ -58,6 +58,7 @@ var ProviderSet = wire.NewSet(
 	NewUserAccessSyncerUseCase,
 	NewGroupUseCase,
 	NewCASBackendChecker,
+	NewIndexConfig,
 	wire.Bind(new(PromObservable), new(*PrometheusUseCase)),
 	wire.Struct(new(NewIntegrationUseCaseOpts), "*"),
 	wire.Struct(new(NewUserUseCaseParams), "*"),
diff --git a/app/controlplane/pkg/biz/referrer.go b/app/controlplane/pkg/biz/referrer.go
index 9879128da..34b23d9ec 100644
--- a/app/controlplane/pkg/biz/referrer.go
+++ b/app/controlplane/pkg/biz/referrer.go
@@ -39,23 +39,33 @@ type ReferrerUseCase struct {
 	membershipUseCase *MembershipUseCase
 	workflowRepo      WorkflowRepo
 	logger            *log.Helper
-	indexConfig       *conf.ReferrerSharedIndex
+	indexConfig       *ReferrerSharedIndexConfig
 }
 
-func NewReferrerUseCase(repo ReferrerRepo, wfRepo WorkflowRepo, membershipUseCase *MembershipUseCase, indexCfg *conf.ReferrerSharedIndex, l log.Logger) (*ReferrerUseCase, error) {
+type ReferrerSharedIndexConfig struct {
+	Enabled     bool
+	AllowedOrgs []string
+}
+
+func NewIndexConfig(cfg *conf.ReferrerSharedIndex) (*ReferrerSharedIndexConfig, error) {
+	if err := cfg.ValidateOrgs(); err != nil {
+		return nil, fmt.Errorf("invalid shared index config: %w", err)
+	}
+
+	return &ReferrerSharedIndexConfig{
+		Enabled:     cfg.Enabled,
+		AllowedOrgs: cfg.AllowedOrgs,
+	}, nil
+}
+
+func NewReferrerUseCase(repo ReferrerRepo, wfRepo WorkflowRepo, membershipUseCase *MembershipUseCase, indexCfg *ReferrerSharedIndexConfig, l log.Logger) (*ReferrerUseCase, error) {
 	if l == nil {
 		l = log.NewStdLogger(io.Discard)
 	}
 	logger := servicelogger.ScopedHelper(l, "biz/referrer")
 
-	if indexCfg != nil {
-		if err := indexCfg.ValidateOrgs(); err != nil {
-			return nil, fmt.Errorf("invalid shared index config: %w", err)
-		}
-
-		if indexCfg.Enabled {
-			logger.Infow("msg", "shared index enabled", "allowedOrgs", indexCfg.AllowedOrgs)
-		}
+	if indexCfg != nil && indexCfg.Enabled {
+		logger.Infow("msg", "shared index enabled", "allowedOrgs", indexCfg.AllowedOrgs)
 	}
 
 	return &ReferrerUseCase{
diff --git a/app/controlplane/pkg/biz/referrer_integration_test.go b/app/controlplane/pkg/biz/referrer_integration_test.go
index fb736815e..e1f30a65f 100644
--- a/app/controlplane/pkg/biz/referrer_integration_test.go
+++ b/app/controlplane/pkg/biz/referrer_integration_test.go
@@ -23,7 +23,6 @@ import (
 	"sync"
 	"testing"
 
-	conf "github.com/chainloop-dev/chainloop/app/controlplane/internal/conf/controlplane/config/v1"
 	"github.com/chainloop-dev/chainloop/app/controlplane/pkg/biz"
 	"github.com/chainloop-dev/chainloop/app/controlplane/pkg/biz/testhelpers"
 	"github.com/chainloop-dev/chainloop/pkg/credentials"
@@ -88,7 +87,7 @@ func (s *referrerIntegrationTestSuite) TestGetFromRootInPublicSharedIndex() {
 
 	s.T().Run("it should appear if we whitelist org2", func(t *testing.T) {
 		uc, err := biz.NewReferrerUseCase(s.Repos.Referrer, s.Repos.Workflow, s.Membership,
-			&conf.ReferrerSharedIndex{
+			&biz.ReferrerSharedIndexConfig{
 				Enabled:     true,
 				AllowedOrgs: []string{s.org2.ID},
 			}, nil)
@@ -464,7 +463,7 @@ func (s *referrerIntegrationTestSuite) SetupTest() {
 	require.NoError(s.T(), err)
 
 	s.sharedEnabledUC, err = biz.NewReferrerUseCase(s.Repos.Referrer, s.Repos.Workflow, s.Membership,
-		&conf.ReferrerSharedIndex{
+		&biz.ReferrerSharedIndexConfig{
 			Enabled:     true,
 			AllowedOrgs: []string{s.org1.ID},
 		}, nil)
diff --git a/app/controlplane/pkg/biz/referrer_test.go b/app/controlplane/pkg/biz/referrer_test.go
index b13131eea..51cd48c10 100644
--- a/app/controlplane/pkg/biz/referrer_test.go
+++ b/app/controlplane/pkg/biz/referrer_test.go
@@ -21,7 +21,6 @@ import (
 	"os"
 	"testing"
 
-	conf "github.com/chainloop-dev/chainloop/app/controlplane/internal/conf/controlplane/config/v1"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/secure-systems-lab/go-securesystemslib/dsse"
 	"github.com/stretchr/testify/assert"
@@ -32,7 +31,7 @@ import (
 func (s *referrerTestSuite) TestInitialization() {
 	testCases := []struct {
 		name       string
-		conf       *conf.ReferrerSharedIndex
+		conf       *ReferrerSharedIndexConfig
 		wantErrMsg string
 	}{
 		{
@@ -40,20 +39,20 @@ func (s *referrerTestSuite) TestInitialization() {
 		},
 		{
 			name: "disabled",
-			conf: &conf.ReferrerSharedIndex{
+			conf: &ReferrerSharedIndexConfig{
 				Enabled: false,
 			},
 		},
 		{
 			name: "enabled but without orgs",
-			conf: &conf.ReferrerSharedIndex{
+			conf: &ReferrerSharedIndexConfig{
 				Enabled: true,
 			},
 			wantErrMsg: "invalid shared index config: index is enabled, but no orgs are allowed",
 		},
 		{
 			name: "enabled with invalid orgs",
-			conf: &conf.ReferrerSharedIndex{
+			conf: &ReferrerSharedIndexConfig{
 				Enabled:     true,
 				AllowedOrgs: []string{"invalid"},
 			},
@@ -61,7 +60,7 @@ func (s *referrerTestSuite) TestInitialization() {
 		},
 		{
 			name: "enabled with valid orgs",
-			conf: &conf.ReferrerSharedIndex{
+			conf: &ReferrerSharedIndexConfig{
 				Enabled:     true,
 				AllowedOrgs: []string{"00000000-0000-0000-0000-000000000000"},
 			},
diff --git a/app/controlplane/pkg/biz/testhelpers/wire_gen.go b/app/controlplane/pkg/biz/testhelpers/wire_gen.go
index 591373b16..a9fbb8d0e 100644
--- a/app/controlplane/pkg/biz/testhelpers/wire_gen.go
+++ b/app/controlplane/pkg/biz/testhelpers/wire_gen.go
@@ -126,7 +126,12 @@ func WireTestData(testDatabase *TestDatabase, t *testing.T, logger log.Logger, r
 	}
 	referrerRepo := data.NewReferrerRepo(dataData, workflowRepo, logger)
 	referrerSharedIndex := _wireReferrerSharedIndexValue
-	referrerUseCase, err := biz.NewReferrerUseCase(referrerRepo, workflowRepo, membershipUseCase, referrerSharedIndex, logger)
+	referrerSharedIndexConfig, err := biz.NewIndexConfig(referrerSharedIndex)
+	if err != nil {
+		cleanup()
+		return nil, nil, err
+	}
+	referrerUseCase, err := biz.NewReferrerUseCase(referrerRepo, workflowRepo, membershipUseCase, referrerSharedIndexConfig, logger)
 	if err != nil {
 		cleanup()
 		return nil, nil, err