diff --git a/apiserver/Dockerfile b/apiserver/Dockerfile
index f54431c39b49186ebc5fd4d5972b13469968d9e4..a11cc3700ab43ff09f83e693fd1de6f25ab693ad 100644
--- a/apiserver/Dockerfile
+++ b/apiserver/Dockerfile
@@ -1,12 +1,16 @@
 FROM python:3.9-slim
 LABEL maintainer="Christian Böttcher <c.boettcher@fz-juelich.de>"
+RUN useradd --create-home appuser
+WORKDIR /home/appuser
+USER appuser
+
 EXPOSE 8000
-RUN mkdir -p /app/mnt/data
-VOLUME /app/mnt/
-ADD ./apiserver/ /app/apiserver
-ADD ./requirements.txt /app/apiserver/requirements.txt
-RUN python3 -m pip install --no-cache-dir -r /app/apiserver/requirements.txt
+RUN mkdir -p ./mnt/data
+VOLUME ./mnt/
+COPY ./requirements.txt ./requirements.txt
+RUN python3 -m pip install --upgrade pip && python3 -m pip install --user --no-cache-dir -r ./requirements.txt
+ENV PATH="/home/appuser/.local/bin/:${PATH}"
 # set data directory properly for the docker container
-RUN sed -i 's_./app/data_/app/mnt/data_g' /app/apiserver/config.env && sed -i 's_./app/userdb.json_/app/mnt/userdb.json_g' /app/apiserver/config.env && sed -i 's_./app/apiserver.log_/app/mnt/apiserver.log_g' /app/apiserver/log_conf.yaml
-WORKDIR /app
-ENTRYPOINT ["uvicorn", "--host", "0.0.0.0", "--log-level", "debug", "--log-config=./apiserver/log_conf.yaml", "apiserver:app"]
\ No newline at end of file
+COPY --chown=appuser ./apiserver/ ./apiserver
+RUN sed -i 's_./app/data_./mnt/data_g' ./apiserver/config.env && sed -i 's_./app/userdb.json_./mnt/userdb.json_g' ./apiserver/config.env && sed -i 's_./app/apiserver.log_./mnt/apiserver.log_g' ./apiserver/log_conf.yaml
+ENTRYPOINT ["uvicorn", "--host", "0.0.0.0", "--log-level", "debug", "--log-config=./apiserver/log_conf.yaml", "apiserver:app"]