diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index 70e65ee..582577b 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -75,25 +75,33 @@ spec:
         image: 1password/onepassword-operator:latest
         name: manager
         env:
-          - name: WATCH_NAMESPACE
-            value: "default"
+          - name: OPERATOR_NAME
+            value: "onepassword-connect-operator"
           - name: POD_NAME
             valueFrom:
               fieldRef:
                 fieldPath: metadata.name
-          - name: OPERATOR_NAME
-            value: "onepassword-connect-operator"
-          - name: OP_CONNECT_HOST
-            value: "http://onepassword-connect:8080"
+          - name: WATCH_NAMESPACE
+            value: "default"
           - name: POLLING_INTERVAL
             value: "10"
+          - name: AUTO_RESTART
+            value: "false"
+          - name: OP_CONNECT_HOST
+            value: "http://onepassword-connect:8080"
           - name: OP_CONNECT_TOKEN
             valueFrom:
               secretKeyRef:
                 name: onepassword-token
                 key: token
-          - name: AUTO_RESTART
+          - name: MANAGE_CONNECT
             value: "false"
+#            Uncomment the following lines to enable service account token and comment out the OP_CONNECT_TOKEN and OP_CONNECT_HOST env vars.
+#          - name: OP_SERVICE_ACCOUNT_TOKEN
+#            valueFrom:
+#              secretKeyRef:
+#                name: onepassword-service-account-token
+#                key: token
         securityContext:
           allowPrivilegeEscalation: false
           capabilities: