diff --git a/EduApi.Console/App.config b/EduApi.Console/App.config
new file mode 100644
index 0000000..3b53180
--- /dev/null
+++ b/EduApi.Console/App.config
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <configSections>
+    <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
+    <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
+  </configSections>
+  <appSettings>
+    <add key="BaseAddress" value="http://localhost:9000/" />
+
+    <add key="JWT.Audience" value="Edu Api" />
+    <add key="JWT.Issuer" value="Edu Api" />
+    <add key="JWT.UseRsa" value="false" />
+    <add key="JWT.RsaJsonFileName" value="rsaKey.json" />
+    <add key="JWT.HmacSecretKey" value="db3OIsj+BXE9NZDy0t8W3TcNekrF+2d/1sFnWG4HnV8TZY30iTOdtVWJG8abWvB1GlOgJuQZdcF2Luqm/hccMw==" />
+  </appSettings>
+  <connectionStrings>
+    <clear />
+    <add name="connStr" connectionString="Database=eduApi; Data Source=.; Persist Security Info=True; Integrated Security=true" providerName="System.Data.SqlClient" />
+  </connectionStrings>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1" />
+  </startup>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.0.0" newVersion="3.1.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Web.Http" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="System.Net.Http.Formatting" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.1.2.0" newVersion="5.1.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.1.2.0" newVersion="1.1.2.0" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
+  <entityFramework>
+    <defaultConnectionFactory type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory, EntityFramework">
+      <parameters>
+        <parameter value="mssqllocaldb" />
+      </parameters>
+    </defaultConnectionFactory>
+    <providers>
+      <provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
+    </providers>
+  </entityFramework>
+</configuration>
\ No newline at end of file
diff --git a/EduApi.Console/EduApi.Console.csproj b/EduApi.Console/EduApi.Console.csproj
new file mode 100644
index 0000000..39c6745
--- /dev/null
+++ b/EduApi.Console/EduApi.Console.csproj
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{5E881637-B84B-4A8F-BD67-00784E3EB6E9}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>EduApi.Console</RootNamespace>
+    <AssemblyName>EduApi.Console</AssemblyName>
+    <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <TargetFrameworkProfile />
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
+      <HintPath>..\packages\EntityFramework.6.1.3\lib\net45\EntityFramework.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="EntityFramework.SqlServer, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL">
+      <HintPath>..\packages\EntityFramework.6.1.3\lib\net45\EntityFramework.SqlServer.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.3.1.0\lib\net45\Microsoft.Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Host.HttpListener, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Host.HttpListener.3.1.0\lib\net45\Microsoft.Owin.Host.HttpListener.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Hosting, Version=3.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Hosting.3.0.1\lib\net45\Microsoft.Owin.Hosting.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5, processorArchitecture=MSIL">
+      <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.ComponentModel.DataAnnotations" />
+    <Reference Include="System.Configuration" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+    <None Include="packages.config" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\EduApi.Web\EduApi.Web.csproj">
+      <Project>{66013134-bc6d-40bd-8b51-90456d6add2f}</Project>
+      <Name>EduApi.Web</Name>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <PropertyGroup>
+    <PostBuildEvent>xcopy "$(SolutionDir)EduApi.Web/index.html" "$(TargetDir)" /Y /I</PostBuildEvent>
+  </PropertyGroup>
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>
\ No newline at end of file
diff --git a/EduApi.Console/Program.cs b/EduApi.Console/Program.cs
new file mode 100644
index 0000000..700f407
--- /dev/null
+++ b/EduApi.Console/Program.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Configuration;
+using System.Diagnostics;
+using EduApi.Web;
+using Microsoft.Owin.Hosting;
+
+namespace EduApi.Console
+{
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            var baseAddress = ConfigurationManager.AppSettings["BaseAddress"];
+
+            using (WebApp.Start<Startup>(baseAddress))
+            {
+                Process.Start(baseAddress);
+                System.Console.WriteLine($"Started on {baseAddress}...");
+                System.Console.ReadKey();
+            }
+        }
+    }
+}
diff --git a/EduApi.Console/Properties/AssemblyInfo.cs b/EduApi.Console/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..f39227d
--- /dev/null
+++ b/EduApi.Console/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("EduApi.Console")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("EduApi.Console")]
+[assembly: AssemblyCopyright("Copyright ©  2017")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("5e881637-b84b-4a8f-bd67-00784e3eb6e9")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/EduApi.Console/packages.config b/EduApi.Console/packages.config
new file mode 100644
index 0000000..652e0e8
--- /dev/null
+++ b/EduApi.Console/packages.config
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="EntityFramework" version="6.1.3" targetFramework="net461" />
+  <package id="Microsoft.Owin" version="3.1.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.Host.HttpListener" version="3.1.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.Hosting" version="3.0.1" targetFramework="net45" />
+  <package id="Owin" version="1.0" targetFramework="net45" />
+</packages>
\ No newline at end of file
diff --git a/EduApi.Web.Tests/app.config b/EduApi.Web.Tests/app.config
index 226df75..2f86961 100644
--- a/EduApi.Web.Tests/app.config
+++ b/EduApi.Web.Tests/app.config
@@ -12,12 +12,24 @@
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Net.Http.Formatting" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
       </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.0.0" newVersion="3.1.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.1.2.0" newVersion="5.1.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.1.2.0" newVersion="1.1.2.0" />
+      </dependentAssembly>
     </assemblyBinding>
   </runtime>
   <entityFramework>
diff --git a/EduApi.Web.sln b/EduApi.Web.sln
index dee94ef..97d3071 100644
--- a/EduApi.Web.sln
+++ b/EduApi.Web.sln
@@ -7,6 +7,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EduApi.Web", "EduApi.Web\Ed
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EduApi.Web.Tests", "EduApi.Web.Tests\EduApi.Web.Tests.csproj", "{47EFBA67-12DC-4141-AFE6-436F3E2A09DE}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EduApi.Console", "EduApi.Console\EduApi.Console.csproj", "{5E881637-B84B-4A8F-BD67-00784E3EB6E9}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -21,6 +23,10 @@ Global
 		{47EFBA67-12DC-4141-AFE6-436F3E2A09DE}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{47EFBA67-12DC-4141-AFE6-436F3E2A09DE}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{47EFBA67-12DC-4141-AFE6-436F3E2A09DE}.Release|Any CPU.Build.0 = Release|Any CPU
+		{5E881637-B84B-4A8F-BD67-00784E3EB6E9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{5E881637-B84B-4A8F-BD67-00784E3EB6E9}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{5E881637-B84B-4A8F-BD67-00784E3EB6E9}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{5E881637-B84B-4A8F-BD67-00784E3EB6E9}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
diff --git a/EduApi.Web/App_Start/SimpleInjector/BaseContainer.cs b/EduApi.Web/App_Start/SimpleInjector/BaseContainer.cs
new file mode 100644
index 0000000..9752022
--- /dev/null
+++ b/EduApi.Web/App_Start/SimpleInjector/BaseContainer.cs
@@ -0,0 +1,32 @@
+using System.Linq;
+using System.Reflection;
+using SimpleInjector;
+
+namespace EduApi.Web.SimpleInjector
+{
+    public class BaseContainer
+    {
+        /// <summary>registers dependancies based on naming conventions</summary>
+        public static void Register (Container container, string endsWith)
+        {
+            var types = Assembly.GetExecutingAssembly().GetTypes();
+
+            var typesToRegister = (
+                from serviceType in types.Where(t => t.Name.StartsWith("I") && t.Name.EndsWith(endsWith))
+                from implementationType in
+                types.Where(t => t.Name == serviceType.Name.Substring(1) && t.Namespace == serviceType.Namespace)
+                select new
+                {
+                    ServiceType = serviceType,
+                    ImplementationType = implementationType
+                }
+            );
+            foreach (var pair in typesToRegister)
+            {
+                // Checks if the service has already been registered. Allows for custom installations
+                if(container.GetCurrentRegistrations().All(x => x.ServiceType != pair.ServiceType))
+                    container.Register(pair.ServiceType, pair.ImplementationType, Lifestyle.Scoped);
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/App_Start/SimpleInjector/SimpleInjectorWebApiInitializer.cs b/EduApi.Web/App_Start/SimpleInjector/SimpleInjectorWebApiInitializer.cs
new file mode 100644
index 0000000..80e5adc
--- /dev/null
+++ b/EduApi.Web/App_Start/SimpleInjector/SimpleInjectorWebApiInitializer.cs
@@ -0,0 +1,54 @@
+using System;
+using System.Configuration;
+using System.Web.Http;
+using EduApi.Web.Data;
+using EduApi.Web.Providers;
+using EduApi.Web.Providers.JWTSigningCredentialsProviders;
+using EduApi.Web.Services;
+using EduApi.Web.SimpleInjector;
+using Owin;
+using SimpleInjector;
+using SimpleInjector.Integration.WebApi;
+using SimpleInjector.Lifestyles;
+
+namespace EduApi.Web.SimpleInjector
+{
+    public static class SimpleInjectorWebApiInitializer
+    {
+        /// <summary>Initialize the container and register it as Web API Dependency Resolver.</summary>
+        public static void Initialize(HttpConfiguration httpConfiguration)
+        {
+            var container = new Container();
+            container.Options.DefaultScopedLifestyle = new AsyncScopedLifestyle();
+
+            InitializeContainer(container);
+
+            // Installs based on convention i.e. IUserService, UserService
+            BaseContainer.Register(container, "Provider");
+            BaseContainer.Register(container, "Service");
+
+            container.RegisterWebApiControllers(httpConfiguration);
+       
+            container.Verify();
+            
+            GlobalConfiguration.Configuration.DependencyResolver =
+                new SimpleInjectorWebApiDependencyResolver(container);
+
+            httpConfiguration.DependencyResolver = new SimpleInjectorWebApiDependencyResolver(container);
+        }
+     
+        //<summary>Custom Installations not overridden by the base installation</summary>
+        private static void InitializeContainer(Container container)
+        {
+            var useRsa = ConfigurationManager.AppSettings["JWT.UseRsa"];
+            if(useRsa == "true") container.Register<ISigningCredentialsProvider, RSASigningCredentialsProvider>(Lifestyle.Scoped);
+            else container.Register<ISigningCredentialsProvider, HMACSHA256SigningCredentialsProvider>(Lifestyle.Scoped);
+
+            container.Register<DatabaseContext, DatabaseContext>(Lifestyle.Scoped);
+
+            // For instance:
+            // container.Register<IUserRepository, SqlUserRepository>(Lifestyle.Scoped);
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/App_Start/SimpleInjectorWebApiInitializer.cs b/EduApi.Web/App_Start/SimpleInjectorWebApiInitializer.cs
deleted file mode 100644
index 3174e2d..0000000
--- a/EduApi.Web/App_Start/SimpleInjectorWebApiInitializer.cs
+++ /dev/null
@@ -1,40 +0,0 @@
-using EduApi.Web.Data;
-using EduApi.Web.Services;
-using SimpleInjector.Lifestyles;
-
-[assembly: WebActivator.PostApplicationStartMethod(typeof(EduApi.Web.App_Start.SimpleInjectorWebApiInitializer), "Initialize")]
-namespace EduApi.Web.App_Start
-{
-    using System.Web.Http;
-    using SimpleInjector;
-    using SimpleInjector.Integration.WebApi;
-    
-    public static class SimpleInjectorWebApiInitializer
-    {
-        /// <summary>Initialize the container and register it as Web API Dependency Resolver.</summary>
-        public static void Initialize()
-        {
-            var container = new Container();
-            container.Options.DefaultScopedLifestyle = new AsyncScopedLifestyle();
-            
-            InitializeContainer(container);
-
-            container.RegisterWebApiControllers(GlobalConfiguration.Configuration);
-       
-            container.Verify();
-            
-            GlobalConfiguration.Configuration.DependencyResolver =
-                new SimpleInjectorWebApiDependencyResolver(container);
-        }
-     
-        private static void InitializeContainer(Container container)
-        {
-            container.Register<IStudentsService, StudentsService>();
-
-            container.Register<DatabaseContext, DatabaseContext>(Lifestyle.Scoped);
-
-            // For instance:
-            // container.Register<IUserRepository, SqlUserRepository>(Lifestyle.Scoped);
-        }
-    }
-}
\ No newline at end of file
diff --git a/EduApi.Web/App_Start/SwaggerConfig.cs b/EduApi.Web/App_Start/SwaggerConfig.cs
index 8ce31e7..9b69cb0 100644
--- a/EduApi.Web/App_Start/SwaggerConfig.cs
+++ b/EduApi.Web/App_Start/SwaggerConfig.cs
@@ -3,17 +3,15 @@
 using EduApi.Web;
 using Swashbuckle.Application;
 
-[assembly: PreApplicationStartMethod(typeof(SwaggerConfig), "Register")]
-
 namespace EduApi.Web
 {
     public class SwaggerConfig
     {
-        public static void Register()
+        public static void Register(HttpConfiguration configuration)
         {
             var thisAssembly = typeof(SwaggerConfig).Assembly;
 
-            GlobalConfiguration.Configuration 
+            configuration
                 .EnableSwagger(c =>
                     {
                         // By default, the service root url is inferred from the request used to access the docs.
diff --git a/EduApi.Web/App_Start/WebApiConfig.cs b/EduApi.Web/App_Start/WebApiConfig.cs
index 0b8c048..34b3f89 100644
--- a/EduApi.Web/App_Start/WebApiConfig.cs
+++ b/EduApi.Web/App_Start/WebApiConfig.cs
@@ -3,12 +3,13 @@
 using System.Linq;
 using System.Web.Http;
 using System.Web.Http.Cors;
+using Owin;
 
 namespace EduApi.Web
 {
     public static class WebApiConfig
     {
-        public static void Register(HttpConfiguration config)
+        public static void Register(IAppBuilder app, HttpConfiguration config)
         {
             /* Web API configuration and services */
 
diff --git a/EduApi.Web/EduApi.Web.csproj b/EduApi.Web/EduApi.Web.csproj
index 5edd80b..1badb26 100644
--- a/EduApi.Web/EduApi.Web.csproj
+++ b/EduApi.Web/EduApi.Web.csproj
@@ -16,7 +16,7 @@
     <RootNamespace>EduApi.Web</RootNamespace>
     <AssemblyName>EduApi.Web</AssemblyName>
     <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
-    <UseIISExpress>false</UseIISExpress>
+    <UseIISExpress>true</UseIISExpress>
     <IISExpressSSLPort />
     <IISExpressAnonymousAuthentication />
     <IISExpressWindowsAuthentication />
@@ -57,10 +57,42 @@
       <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.CSharp" />
+    <Reference Include="Microsoft.IdentityModel.Logging, Version=1.1.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.IdentityModel.Logging.1.1.2\lib\net451\Microsoft.IdentityModel.Logging.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.IdentityModel.Tokens, Version=5.1.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.IdentityModel.Tokens.5.1.2\lib\net451\Microsoft.IdentityModel.Tokens.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.3.1.0\lib\net45\Microsoft.Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.FileSystems, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.FileSystems.3.1.0\lib\net45\Microsoft.Owin.FileSystems.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Host.SystemWeb, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.Host.SystemWeb.3.1.0\lib\net45\Microsoft.Owin.Host.SystemWeb.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Microsoft.Owin.StaticFiles, Version=3.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.Owin.StaticFiles.3.1.0\lib\net45\Microsoft.Owin.StaticFiles.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="Microsoft.Web.Infrastructure, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="Newtonsoft.Json, Version=9.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5, processorArchitecture=MSIL">
+      <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="SimpleInjector, Version=4.0.6.0, Culture=neutral, PublicKeyToken=984cb50dea722e99, processorArchitecture=MSIL">
       <HintPath>..\packages\SimpleInjector.4.0.6\lib\net45\SimpleInjector.dll</HintPath>
       <Private>True</Private>
@@ -73,6 +105,11 @@
       <HintPath>..\packages\Swashbuckle.Core.5.5.3\lib\net40\Swashbuckle.Core.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="System.IdentityModel" />
+    <Reference Include="System.IdentityModel.Tokens.Jwt, Version=5.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\System.IdentityModel.Tokens.Jwt.5.1.0\lib\net451\System.IdentityModel.Tokens.Jwt.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System.Net.Http" />
     <Reference Include="System.Web.Cors, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\packages\Microsoft.AspNet.Cors.5.2.3\lib\net45\System.Web.Cors.dll</HintPath>
@@ -91,6 +128,10 @@
       <HintPath>..\packages\Microsoft.AspNet.WebApi.Cors.5.2.3\lib\net45\System.Web.Http.Cors.dll</HintPath>
       <Private>True</Private>
     </Reference>
+    <Reference Include="System.Web.Http.Owin, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
+      <HintPath>..\packages\Microsoft.AspNet.WebApi.Owin.5.2.3\lib\net45\System.Web.Http.Owin.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Drawing" />
     <Reference Include="System.Web" />
@@ -108,9 +149,6 @@
     </Reference>
   </ItemGroup>
   <ItemGroup>
-    <Reference Include="Newtonsoft.Json">
-      <HintPath>..\packages\Newtonsoft.Json.6.0.4\lib\net45\Newtonsoft.Json.dll</HintPath>
-    </Reference>
     <Reference Include="System.Net.Http.Formatting">
       <HintPath>..\packages\Microsoft.AspNet.WebApi.Client.5.2.3\lib\net45\System.Net.Http.Formatting.dll</HintPath>
     </Reference>
@@ -122,12 +160,14 @@
     </Reference>
   </ItemGroup>
   <ItemGroup>
-    <Content Include="Global.asax" />
     <Content Include="index.html" />
-    <Content Include="Web.config" />
+    <Content Include="Web.config">
+      <SubType>Designer</SubType>
+    </Content>
   </ItemGroup>
   <ItemGroup>
-    <Compile Include="App_Start\SimpleInjectorWebApiInitializer.cs" />
+    <Compile Include="App_Start\SimpleInjector\BaseContainer.cs" />
+    <Compile Include="App_Start\SimpleInjector\SimpleInjectorWebApiInitializer.cs" />
     <Compile Include="App_Start\SwaggerConfig.cs" />
     <Compile Include="App_Start\WebApiConfig.cs" />
     <Compile Include="Controllers\Admin\AdminController.cs" />
@@ -135,9 +175,6 @@
     <Compile Include="Data\DatabaseContext.cs" />
     <Compile Include="Data\Helpers\EntityHelpers.cs" />
     <Compile Include="Data\Models\BaseEntity.cs" />
-    <Compile Include="Global.asax.cs">
-      <DependentUpon>Global.asax</DependentUpon>
-    </Compile>
     <Compile Include="Migrations\201705152259561_Initial.cs" />
     <Compile Include="Migrations\201705152259561_Initial.Designer.cs">
       <DependentUpon>201705152259561_Initial.cs</DependentUpon>
@@ -149,10 +186,18 @@
     <Compile Include="Migrations\Configuration.cs" />
     <Compile Include="Models\Student.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="Providers\ApplicationSettingsProvider.cs" />
+    <Compile Include="Providers\JWTSigningCredentialsProviders\ISigningCredentialsProvider.cs" />
+    <Compile Include="Providers\JWTSigningCredentialsProviders\HMACSHA256SigningCredentialsProvider.cs" />
+    <Compile Include="Providers\JWTSigningCredentialsProviders\RSASigningCredentialsProvider.cs" />
+    <Compile Include="Providers\JWTTokenProvider.cs" />
+    <Compile Include="Providers\RSAProvider.cs" />
     <Compile Include="Services\StudentsService.cs" />
+    <Compile Include="Startup.cs" />
   </ItemGroup>
   <ItemGroup>
     <Content Include="packages.config" />
+    <Content Include="rsaKey.json" />
     <None Include="Web.Debug.config">
       <DependentUpon>Web.config</DependentUpon>
     </None>
@@ -186,7 +231,7 @@
           <AutoAssignPort>True</AutoAssignPort>
           <DevelopmentServerPort>56621</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>
-          <IISUrl>http://localhost/EduApi.Web</IISUrl>
+          <IISUrl>http://localhost:56621/</IISUrl>
           <NTLMAuthentication>False</NTLMAuthentication>
           <UseCustomServer>False</UseCustomServer>
           <CustomServerUrl>
diff --git a/EduApi.Web/Global.asax b/EduApi.Web/Global.asax
deleted file mode 100644
index fe04ae8..0000000
--- a/EduApi.Web/Global.asax
+++ /dev/null
@@ -1 +0,0 @@
-<%@ Application Codebehind="Global.asax.cs" Inherits="EduApi.Web.WebApiApplication" Language="C#" %>
diff --git a/EduApi.Web/Global.asax.cs b/EduApi.Web/Global.asax.cs
deleted file mode 100644
index 2f7335b..0000000
--- a/EduApi.Web/Global.asax.cs
+++ /dev/null
@@ -1,17 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Web;
-using System.Web.Http;
-using System.Web.Routing;
-
-namespace EduApi.Web
-{
-    public class WebApiApplication : System.Web.HttpApplication
-    {
-        protected void Application_Start()
-        {
-            GlobalConfiguration.Configure(WebApiConfig.Register);
-        }
-    }
-}
diff --git a/EduApi.Web/Providers/ApplicationSettingsProvider.cs b/EduApi.Web/Providers/ApplicationSettingsProvider.cs
new file mode 100644
index 0000000..ec09815
--- /dev/null
+++ b/EduApi.Web/Providers/ApplicationSettingsProvider.cs
@@ -0,0 +1,21 @@
+using System;
+using System.Collections.Generic;
+using System.Configuration;
+using System.Linq;
+using System.Web;
+
+namespace EduApi.Web.Providers
+{
+    public interface IApplicationSettingsProvider
+    {
+        string GetValue(string key);
+    }
+
+    public class ApplicationSettingsProvider : IApplicationSettingsProvider
+    {
+        public string GetValue(string key)
+        {
+            return ConfigurationManager.AppSettings[key];
+        }
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/Providers/JWTSigningCredentialsProviders/HMACSHA256SigningCredentialsProvider.cs b/EduApi.Web/Providers/JWTSigningCredentialsProviders/HMACSHA256SigningCredentialsProvider.cs
new file mode 100644
index 0000000..2f5d0c9
--- /dev/null
+++ b/EduApi.Web/Providers/JWTSigningCredentialsProviders/HMACSHA256SigningCredentialsProvider.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Cryptography;
+using System.Text;
+using System.Web;
+using Microsoft.IdentityModel.Tokens;
+
+namespace EduApi.Web.Providers.JWTSigningCredentialsProviders
+{
+    public class HMACSHA256SigningCredentialsProvider : ISigningCredentialsProvider
+    {
+        private IApplicationSettingsProvider _appSettings;
+        public HMACSHA256SigningCredentialsProvider(IApplicationSettingsProvider appSettings)
+        {
+            _appSettings = appSettings;
+        }
+
+        public SigningCredentials GetSigningCredentials()
+        {
+            var hmacKey = _appSettings.GetValue("JWT.HmacSecretKey");
+            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(hmacKey));
+            return new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/Providers/JWTSigningCredentialsProviders/ISigningCredentialsProvider.cs b/EduApi.Web/Providers/JWTSigningCredentialsProviders/ISigningCredentialsProvider.cs
new file mode 100644
index 0000000..3628735
--- /dev/null
+++ b/EduApi.Web/Providers/JWTSigningCredentialsProviders/ISigningCredentialsProvider.cs
@@ -0,0 +1,10 @@
+using Microsoft.IdentityModel.Tokens;
+
+
+namespace EduApi.Web.Providers
+{
+    public interface ISigningCredentialsProvider
+    {
+        SigningCredentials GetSigningCredentials();
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/Providers/JWTSigningCredentialsProviders/RSASigningCredentialsProvider.cs b/EduApi.Web/Providers/JWTSigningCredentialsProviders/RSASigningCredentialsProvider.cs
new file mode 100644
index 0000000..7ed8785
--- /dev/null
+++ b/EduApi.Web/Providers/JWTSigningCredentialsProviders/RSASigningCredentialsProvider.cs
@@ -0,0 +1,41 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Security.Cryptography;
+using System.Web;
+using Microsoft.IdentityModel.Tokens;
+
+namespace EduApi.Web.Providers.JWTSigningCredentialsProviders
+{
+    public class RSASigningCredentialsProvider : ISigningCredentialsProvider
+    {
+        private IApplicationSettingsProvider _appSettings;
+        private readonly IRSAProvider _rsaProvider;
+        public RSASigningCredentialsProvider(IApplicationSettingsProvider appSettings, IRSAProvider rsaProvider)
+        {
+            _appSettings = appSettings;
+            _rsaProvider = rsaProvider;
+        }
+
+        public SigningCredentials GetSigningCredentials()
+        {
+            var key = GetSecurityKey();
+            return new SigningCredentials(key, SecurityAlgorithms.RsaSha256Signature);
+        }
+        private RsaSecurityKey GetSecurityKey()
+        {
+            Directory.GetCurrentDirectory();
+            var rsaJsonFileName = _appSettings.GetValue("JWT.RsaJsonFileName");
+            var keyParameters = _rsaProvider.GetKeyParameters(rsaJsonFileName);
+
+            const int dwKeySize = 2048;
+            var provider = new RSACryptoServiceProvider(dwKeySize);
+            provider.ImportParameters(keyParameters);
+
+            var key = new RsaSecurityKey(provider);
+            return key;
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/EduApi.Web/Providers/JWTTokenProvider.cs b/EduApi.Web/Providers/JWTTokenProvider.cs
new file mode 100644
index 0000000..c398b2b
--- /dev/null
+++ b/EduApi.Web/Providers/JWTTokenProvider.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Collections.Generic;
+using System.Configuration;
+using System.IdentityModel.Tokens.Jwt;
+using System.IO;
+using System.Security.Claims;
+using System.Security.Cryptography;
+using Microsoft.IdentityModel.Tokens;
+
+
+namespace EduApi.Web.Providers
+{
+    public interface ISecurityTokenProvider
+    {
+        ClaimsPrincipal GetClaimsPrincipal(string tokenString);
+        string GetToken(IEnumerable<Claim> claims, int expirationMinutes = 1);
+    }
+
+    public class JWTTokenProvider : ISecurityTokenProvider
+    {
+        private readonly IApplicationSettingsProvider _appSettings;
+        private readonly ISigningCredentialsProvider _signingCredentialsProvider;
+
+        public JWTTokenProvider(IApplicationSettingsProvider appSettings, ISigningCredentialsProvider signingCredentialsProvider)
+        {
+            _appSettings = appSettings;
+            _signingCredentialsProvider = signingCredentialsProvider;
+        }
+
+        public ClaimsPrincipal GetClaimsPrincipal(string tokenString)
+        {
+            var issuer = _appSettings.GetValue("JWT.Issuer");
+            var appliesToAddress = _appSettings.GetValue("JWT.Audience");
+            var signingCredentials = _signingCredentialsProvider.GetSigningCredentials();
+
+            var validationParameters = new TokenValidationParameters
+            {
+                ValidIssuers = new [] { issuer },
+                ValidAudience = appliesToAddress,
+                IssuerSigningKey = signingCredentials.Key
+            };
+
+            var handler = new JwtSecurityTokenHandler();
+            SecurityToken securityToken;
+            var principal = handler.ValidateToken(tokenString, validationParameters, out securityToken);
+
+            return principal;
+        }
+
+        public string GetToken(IEnumerable<Claim> claims, int expirationMinutes = 1)
+        {
+            var identity = new ClaimsIdentity(claims);
+
+            var appliesToAddress = _appSettings.GetValue("JWT.Audience");
+            var issuer = _appSettings.GetValue("JWT.Issuer");
+            var expires = DateTime.Now.AddMinutes(expirationMinutes);
+
+            var securityTokenDescriptor = new SecurityTokenDescriptor
+            {
+                Issuer = issuer,
+                Audience = appliesToAddress,
+                SigningCredentials = _signingCredentialsProvider.GetSigningCredentials(),
+                Subject = identity,
+                Expires = expires,
+            };
+
+            var handler = new JwtSecurityTokenHandler()
+            {
+                TokenLifetimeInMinutes = expirationMinutes,
+                SetDefaultTimesOnTokenCreation = false
+            };
+            var securityToken = handler.CreateToken(securityTokenDescriptor);
+
+            return handler.WriteToken(securityToken);
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/EduApi.Web/Providers/RSAProvider.cs b/EduApi.Web/Providers/RSAProvider.cs
new file mode 100644
index 0000000..22639dd
--- /dev/null
+++ b/EduApi.Web/Providers/RSAProvider.cs
@@ -0,0 +1,127 @@
+using System;
+using System.IO;
+using System.Security.Cryptography;
+using Newtonsoft.Json;
+
+
+namespace EduApi.Web.Providers
+{
+    public interface IRSAProvider
+    {
+        RSAParameters GetRandomKey();
+        void GenerateKeyAndSave(string file);
+
+        /// <summary>
+        /// This expects a file in the format: 
+        /// {
+        ///  "Modulus": "z7eXmrs9z3Xm7VXwYIdziDYzXGfi3XQiozIRa58m3ApeLVDcsDeq6Iv8C5zJ2DHydDyc0x6o5dtTRIb23r5/ZRj4I/UwbgrwMk5iHA0bVsXVPBDSWsrVcPDGafr6YbUNQnNWIF8xOqgpeTwxrqGiCJMUjuKyUx01PBzpBxjpnQ++Ryz6Y7MLqKHxBkDiOw5wk9cxO8/IMspSNJJosOtRXFTR74+bj+pvNBa8IJ+5Jf/UfJEEjk+qC+pohCAryRk0ziXcPdxXEv5KGT4zf3LdtHy1YwsaGLnTb62vgbdqqCJaVyHWOoXsDTQBLjxNl9o9CzP6CrfBGK6JV8pA/xfQlw==",
+        ///  "Exponent": "AQAB",
+        ///  "P": "+VsETS2exORYlg2CxaRMzyG60dTfHSuv0CsfmO3PFv8mcYxglGa6bUV5VGtB6Pd1HdtV/iau1WR/hYXQphCP99Pu803NZvFvVi34alTFbh0LMfZ+2iQ9toGzVfO8Qdbj7go4TWoHNzCpG4UCx/9wicVIWJsNzkppSEcXYigADMM=",
+        ///  "Q": "1UCJ2WAHasiCdwJtV2Ep0VCK3Z4rVFLWg3q1v5OoOU1CkX5/QAcrr6bX6zOdHR1bDCPsH1n1E9cCMvwakgi9M4Ch0dYF5CxDKtlx+IGsZJL0gB6HhcEsHat+yXUtOAlS4YB82G1hZqiDw+Q0O8LGyu/gLDPB+bn0HmbkUC2kP50=",
+        ///  "DP": "CBqvLxr2eAu73VSfFXFblbfQ7JTwk3AiDK/6HOxNuL+eLj6TvP8BvB9v7BB4WewBAHFqgBIdyI21n09UErGjHDjlIT88F8ZtCe4AjuQmboe/H2aVhN18q/vXKkn7qmAjlE78uXdiuKZ6OIzAJGPm8nNZAJg5gKTmexTka6pFJiU=",
+        ///  "DQ": "ND6zhwX3yzmEfROjJh0v2ZAZ9WGiy+3fkCaoEF9kf2VmQa70DgOzuDzv+TeT7mYawEasuqGXYVzztPn+qHhrogqJmpcMqnINopnTSka6rYkzTZAtM5+35yz0yvZiNbBTFdwcuglSK4xte7iU828stNs/2JR1mXDtVeVvWhVUgCE=",
+        ///  "InverseQ": "Heo0BHv685rvWreFcI5MXSy3AN0Zs0YbwAYtZZd1K/OzFdYVdOnqw+Dg3wGU9yFD7h4icJFwZUBGOZ0ww/gZX/5ZgJK35/YY/DeV+qfZmywKauUzC6+DPsrDdW1uf1eAety6/huRZTduBFTwIOlPdZ+PY49j6S38DjPFNImn0cU=",
+        ///  "D": "IvjMI5cGzxkQqkDf2cC0aOiHOTWccqCM/GD/odkH1+A+/u4wWdLliYWYB/R731R5d6yE0t7EnP6SRGVcxx/XnxPXI2ayorRgwHeF+ScTxUZFonlKkVK5IOzI2ysQYMb01o1IoOamCTQq12iVDMvV1g+9VFlCoM+4GMjdSv6cxn6ELabuD4nWt8tCskPjECThO+WdrknbUTppb2rRgMvNKfsPuF0H7+g+WisbzVS+UVRvJe3U5O5X5j7Z82Uq6hw2NCwv2YhQZRo/XisFZI7yZe0OU2JkXyNG3NCk8CgsM9yqX8Sk5esXMZdJzjwXtEpbR7FiKZXiz9LhPSmzxz/VsQ=="
+        /// }
+        /// 
+        /// Generate 
+        /// </summary>
+        /// <param name="file"></param>
+        /// <returns></returns>
+        RSAParameters GetKeyParameters(string file);
+    }
+
+    public class RSAProvider : IRSAProvider
+    {
+        public RSAParameters GetRandomKey()
+        {
+            using (var rsa = new RSACryptoServiceProvider(2048))
+            {
+                try
+                {
+                    return rsa.ExportParameters(true);
+                }
+                finally
+                {
+                    rsa.PersistKeyInCsp = false;
+                }
+            }
+        }
+
+        public void GenerateKeyAndSave(string file)
+        {
+            var p = GetRandomKey();
+            RSAParametersWithPrivate t = new RSAParametersWithPrivate();
+            t.SetParameters(p);
+            File.WriteAllText(file, JsonConvert.SerializeObject(t));
+        }
+
+        /// <summary>
+        /// This expects a file in the format: 
+        /// {
+        ///  "Modulus": "z7eXmrs9z3Xm7VXwYIdziDYzXGfi3XQiozIRa58m3ApeLVDcsDeq6Iv8C5zJ2DHydDyc0x6o5dtTRIb23r5/ZRj4I/UwbgrwMk5iHA0bVsXVPBDSWsrVcPDGafr6YbUNQnNWIF8xOqgpeTwxrqGiCJMUjuKyUx01PBzpBxjpnQ++Ryz6Y7MLqKHxBkDiOw5wk9cxO8/IMspSNJJosOtRXFTR74+bj+pvNBa8IJ+5Jf/UfJEEjk+qC+pohCAryRk0ziXcPdxXEv5KGT4zf3LdtHy1YwsaGLnTb62vgbdqqCJaVyHWOoXsDTQBLjxNl9o9CzP6CrfBGK6JV8pA/xfQlw==",
+        ///  "Exponent": "AQAB",
+        ///  "P": "+VsETS2exORYlg2CxaRMzyG60dTfHSuv0CsfmO3PFv8mcYxglGa6bUV5VGtB6Pd1HdtV/iau1WR/hYXQphCP99Pu803NZvFvVi34alTFbh0LMfZ+2iQ9toGzVfO8Qdbj7go4TWoHNzCpG4UCx/9wicVIWJsNzkppSEcXYigADMM=",
+        ///  "Q": "1UCJ2WAHasiCdwJtV2Ep0VCK3Z4rVFLWg3q1v5OoOU1CkX5/QAcrr6bX6zOdHR1bDCPsH1n1E9cCMvwakgi9M4Ch0dYF5CxDKtlx+IGsZJL0gB6HhcEsHat+yXUtOAlS4YB82G1hZqiDw+Q0O8LGyu/gLDPB+bn0HmbkUC2kP50=",
+        ///  "DP": "CBqvLxr2eAu73VSfFXFblbfQ7JTwk3AiDK/6HOxNuL+eLj6TvP8BvB9v7BB4WewBAHFqgBIdyI21n09UErGjHDjlIT88F8ZtCe4AjuQmboe/H2aVhN18q/vXKkn7qmAjlE78uXdiuKZ6OIzAJGPm8nNZAJg5gKTmexTka6pFJiU=",
+        ///  "DQ": "ND6zhwX3yzmEfROjJh0v2ZAZ9WGiy+3fkCaoEF9kf2VmQa70DgOzuDzv+TeT7mYawEasuqGXYVzztPn+qHhrogqJmpcMqnINopnTSka6rYkzTZAtM5+35yz0yvZiNbBTFdwcuglSK4xte7iU828stNs/2JR1mXDtVeVvWhVUgCE=",
+        ///  "InverseQ": "Heo0BHv685rvWreFcI5MXSy3AN0Zs0YbwAYtZZd1K/OzFdYVdOnqw+Dg3wGU9yFD7h4icJFwZUBGOZ0ww/gZX/5ZgJK35/YY/DeV+qfZmywKauUzC6+DPsrDdW1uf1eAety6/huRZTduBFTwIOlPdZ+PY49j6S38DjPFNImn0cU=",
+        ///  "D": "IvjMI5cGzxkQqkDf2cC0aOiHOTWccqCM/GD/odkH1+A+/u4wWdLliYWYB/R731R5d6yE0t7EnP6SRGVcxx/XnxPXI2ayorRgwHeF+ScTxUZFonlKkVK5IOzI2ysQYMb01o1IoOamCTQq12iVDMvV1g+9VFlCoM+4GMjdSv6cxn6ELabuD4nWt8tCskPjECThO+WdrknbUTppb2rRgMvNKfsPuF0H7+g+WisbzVS+UVRvJe3U5O5X5j7Z82Uq6hw2NCwv2YhQZRo/XisFZI7yZe0OU2JkXyNG3NCk8CgsM9yqX8Sk5esXMZdJzjwXtEpbR7FiKZXiz9LhPSmzxz/VsQ=="
+        /// }
+        /// 
+        /// Generate 
+        /// </summary>
+        /// <param name="file"></param>
+        /// <returns></returns>
+        public RSAParameters GetKeyParameters(string file)
+        {
+            if (!File.Exists(file)) throw new FileNotFoundException("Check configuration - cannot find auth key file: " + file);
+            var keyParams = JsonConvert.DeserializeObject<RSAParametersWithPrivate>(File.ReadAllText(file));
+            return keyParams.ToRSAParameters();
+        }
+
+        /// <summary>
+        /// Util class to allow restoring RSA parameters from JSON as the normal
+        /// RSA parameters class won't restore private key info.
+        /// </summary>
+        private class RSAParametersWithPrivate
+        {
+            public byte[] D { get; set; }
+            public byte[] DP { get; set; }
+            public byte[] DQ { get; set; }
+            public byte[] Exponent { get; set; }
+            public byte[] InverseQ { get; set; }
+            public byte[] Modulus { get; set; }
+            public byte[] P { get; set; }
+            public byte[] Q { get; set; }
+
+            public void SetParameters(RSAParameters p)
+            {
+                D = p.D;
+                DP = p.DP;
+                DQ = p.DQ;
+                Exponent = p.Exponent;
+                InverseQ = p.InverseQ;
+                Modulus = p.Modulus;
+                P = p.P;
+                Q = p.Q;
+            }
+            public RSAParameters ToRSAParameters()
+            {
+                return new RSAParameters()
+                {
+                    D = this.D,
+                    DP = this.DP,
+                    DQ = this.DQ,
+                    Exponent = this.Exponent,
+                    InverseQ = this.InverseQ,
+                    Modulus = this.Modulus,
+                    P = this.P,
+                    Q = this.Q
+
+                };
+            }
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/EduApi.Web/Startup.cs b/EduApi.Web/Startup.cs
new file mode 100644
index 0000000..d6db9eb
--- /dev/null
+++ b/EduApi.Web/Startup.cs
@@ -0,0 +1,27 @@
+using System.Web.Http;
+using EduApi.Web;
+using EduApi.Web.Providers;
+using EduApi.Web.SimpleInjector;
+using Microsoft.Owin;
+using Microsoft.Owin.FileSystems;
+using Microsoft.Owin.StaticFiles;
+using Owin;
+using SimpleInjector.Integration.WebApi;
+
+[assembly: OwinStartup(typeof(Startup))]
+namespace EduApi.Web
+{    public class Startup
+    {
+        public void Configuration(IAppBuilder appBuilder)
+        {
+            var httpConfiguration = new HttpConfiguration();
+            WebApiConfig.Register(appBuilder, httpConfiguration);
+            appBuilder.UseWebApi(httpConfiguration);
+
+            SimpleInjectorWebApiInitializer.Initialize(httpConfiguration);
+            SwaggerConfig.Register(httpConfiguration);
+
+            appBuilder.UseFileServer(true);
+        }
+    }
+}
\ No newline at end of file
diff --git a/EduApi.Web/Web.config b/EduApi.Web/Web.config
index 2c27010..d48f1d5 100644
--- a/EduApi.Web/Web.config
+++ b/EduApi.Web/Web.config
@@ -4,13 +4,21 @@
   http://go.microsoft.com/fwlink/?LinkId=301879
   -->
 <configuration>
+  <appSettings>
+    <add key="JWT.Audience" value="Edu Api" />
+    <add key="JWT.Issuer" value="Edu Api" />
+    <add key="JWT.UseRsa" value="true" />
+    <add key="JWT.RsaJsonFileName" value="rsaKey.json" />
+    <add key="JWT.HmacSecretKey" value="db3OIsj+BXE9NZDy0t8W3TcNekrF+2d/1sFnWG4HnV8TZY30iTOdtVWJG8abWvB1GlOgJuQZdcF2Luqm/hccMw==" />
+
+  </appSettings>
   <configSections>
     <!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
     <section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
   </configSections>
   <connectionStrings>
     <clear />
-    <add name="connStr" connectionString="Database=eduApi; Data Source=.; Persist Security Info=True; User Id=sa; Password=1qaz2wsx;" providerName="System.Data.SqlClient" />
+    <add name="connStr" connectionString="Database=eduApi; Data Source=.; Persist Security Info=True; Integrated Security=true" providerName="System.Data.SqlClient" />
   </connectionStrings>
     <appSettings></appSettings>
   <system.web>
@@ -45,11 +53,23 @@
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
-        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
+        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
       </dependentAssembly>
       <dependentAssembly>
         <assemblyIdentity name="System.Net.Http.Formatting" publicKeyToken="31bf3856ad364e35" culture="neutral" />
         <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />
+      </dependentAssembly>
+          <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-3.1.0.0" newVersion="3.1.0.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-5.1.2.0" newVersion="5.1.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-1.1.2.0" newVersion="1.1.2.0" />
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
diff --git a/EduApi.Web/packages.config b/EduApi.Web/packages.config
index 6ad44ae..7683325 100644
--- a/EduApi.Web/packages.config
+++ b/EduApi.Web/packages.config
@@ -6,16 +6,25 @@
   <package id="Microsoft.AspNet.WebApi.Client" version="5.2.3" targetFramework="net461" />
   <package id="Microsoft.AspNet.WebApi.Core" version="5.2.3" targetFramework="net461" />
   <package id="Microsoft.AspNet.WebApi.Cors" version="5.2.3" targetFramework="net461" />
+  <package id="Microsoft.AspNet.WebApi.Owin" version="5.2.3" targetFramework="net461" />
   <package id="Microsoft.AspNet.WebApi.WebHost" version="5.2.3" targetFramework="net461" />
   <package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="1.0.0" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.Logging" version="1.1.2" targetFramework="net461" />
+  <package id="Microsoft.IdentityModel.Tokens" version="5.1.2" targetFramework="net461" />
   <package id="Microsoft.Net.Compilers" version="1.0.0" targetFramework="net461" developmentDependency="true" />
+  <package id="Microsoft.Owin" version="3.1.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.FileSystems" version="3.1.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.Host.SystemWeb" version="3.1.0" targetFramework="net461" />
+  <package id="Microsoft.Owin.StaticFiles" version="3.1.0" targetFramework="net461" />
   <package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net461" />
-  <package id="Newtonsoft.Json" version="6.0.4" targetFramework="net461" />
+  <package id="Newtonsoft.Json" version="9.0.1" targetFramework="net461" />
+  <package id="Owin" version="1.0" targetFramework="net461" />
   <package id="SimpleInjector" version="4.0.6" targetFramework="net461" />
   <package id="SimpleInjector.Integration.WebApi" version="4.0.6" targetFramework="net461" />
   <package id="SimpleInjector.Integration.WebApi.WebHost.QuickStart" version="4.0.6" targetFramework="net461" />
   <package id="Swashbuckle" version="5.5.3" targetFramework="net461" />
   <package id="Swashbuckle.Core" version="5.5.3" targetFramework="net461" />
+  <package id="System.IdentityModel.Tokens.Jwt" version="5.1.0" targetFramework="net461" />
   <package id="WebActivator" version="1.4.4" targetFramework="net461" />
   <package id="WebActivatorEx" version="2.0" targetFramework="net461" />
 </packages>
\ No newline at end of file
diff --git a/EduApi.Web/rsaKey.json b/EduApi.Web/rsaKey.json
new file mode 100644
index 0000000..1a3bea6
--- /dev/null
+++ b/EduApi.Web/rsaKey.json
@@ -0,0 +1 @@
+{"D":"Sl3JZYLBe5aZLBmdEPmlySbRgnePraWYpji1EyARaHMa5d7jcz1PuUP3UCLe75U9BeB+UMNlkptSFet4KnmXyvbpYJwdhnwoYOKOV9zvKCPzV2nJMYL8iBvxvkyQreQF1b+iJDiXaFpqyExHLW9JI46E/bf2ejsWbZFcGqeY1seyQ3Upbw0RXXy1jFegSWE9zPcrlq/X1Acr4cqDrfUylZmMAfujiPeSfLfvSUsR02e3YtkGhPVdPtsB+10iUwYolRpzZ+pAs3GYEngO5lM9vGR3PsX8ETS2YlbIikIRV7MmFOYAgRXR9N7aGNgB+/FWpgWKHLVri94fMjOqA3Kz4Q==","DP":"fwgt9tvKCJNgvq8wUsDCD2aT8JzElEslOPvZQqSGtn0jYmosCfN8nfGlNKX2aXhK/4wdn3afnweczjhMr6CtrW0VluNUjIAIoJ/aECTNP6V5SeB3LLPHaWHlQ8fffQHbtfKuTI6KPttTYpWdngGHfEwlCC3i06TUTqlbBHRQsMc=","DQ":"HGV5ZHwfRmxK9127fy0ep87KK+khZVzY47IF8orpyhB69DjG0gFVJTITC6hALDrG+1DMfqNWSDOKnf0aGJH9mx8SnDXI2rZv+zSo4qmpoHbnxlwgJmEmFnR2Rt7v/VA4bHnKuuoP/NE5LpcHRTg7RW+j7BHVcKbLx7vMtNQ/Z4U=","Exponent":"AQAB","InverseQ":"anKqDoLKoixe99kTs/nNRFzaopAvy2eP1xCs/iScaHMSTRlE/+nGaf1XBaoBwcaBQpfaHcoMTLMk8m26+wp1MMxQaZ+Oxsd/EGjMjbveUxq5w5SQ0IPicdPCcWpHCst42yGm/oqwdJImwxv+rZx16wYVdfpn9MTu9HY0qsWWAak=","Modulus":"yFW821cI0l+uihbTaQvw4GVMycwqe6LKqxLkQo79et7IcxjDfrQDmtnfCyKW4adnaMgQAgnU9ij2VP+6MNg0k/rTi+KvS8hCThGAfQvGeOtT4an4tfaNCfBG/V9eT4Sgjih9pC9u4PSrFo0VvLjELQjCwm4nweO4tDu0Bm/U4Z9fdPoFVVzF0nFOyNGYEm1jNCVhfkEyxx2b6AXGhl/c3HGjuHfhc7Os0YvjXBRRFf7jZf0tWWRUW0uSzaJEU9u9ObJelG4A7HBEDvQPk5+GWwYs15Tyr1bXiYROuH0uWmLtqmafnHR/FIlJj79BoxVMI+HALmU1lYGcgsgycf86LQ==","P":"1wHWg4Mn/qkdd6jGnokIgoopIXpq/iCNJBlFN84vef/Jn/kdKegSC5yBi7MyHgU54bom1SPSNQgVq8qSmcbmPG7oBTB9qxmqkmSM+0CLBwhenjjuXKUuEb2L5tTQ7RE21xxv8G3Y20VV2TKckZPOxTcxszVC7/OtEDBoE00GFUc=","Q":"7ofFAKPr3wrfotYo+rRlORMpXcELLBuBO1quUQItLniE+kgnunGAgm9wE8ugVe7pbaadFfqEi7VH6KDpzup7JcGVI+jN0FVmXK6x0cC/bhG59HJmUx9zBrYyYKN/hBvAGtjtc5cYtBzPGpWvKLx9Imq/4CoMjNZXwcZD4ETpvus="}
\ No newline at end of file