diff --git a/WorkFlow.API/Models/AuthTokenKeys.cs b/WorkFlow.API/Models/AuthTokenKeys.cs
new file mode 100644
index 0000000..18a1838
--- /dev/null
+++ b/WorkFlow.API/Models/AuthTokenKeys.cs
@@ -0,0 +1,8 @@
+namespace WorkFlow.API.Models;
+
+public class AuthTokenKeys
+{
+ public string Cookie { get; init; } = "AuthToken";
+
+ public string QueryString { get; init; } = "AuthToken";
+}
diff --git a/WorkFlow.API/Program.cs b/WorkFlow.API/Program.cs
index 886a2e4..90423c1 100644
--- a/WorkFlow.API/Program.cs
+++ b/WorkFlow.API/Program.cs
@@ -14,6 +14,7 @@ using WorkFlow.API.Extensions; using WorkFlow.API.Filters; using Microsoft.OpenApi.Models; using DigitalData.Auth.Client; +using Microsoft.AspNetCore.Authentication.JwtBearer; var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger(); logger.Info("Logging initialized.");
@@ -54,6 +55,8 @@ try builder.Services.AddControllers(); + var authTokenKeys = config.GetSection(nameof(AuthTokenKeys)).Get() ?? new(); + builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddJwtBearer(opt => {
@@ -67,7 +70,23 @@ try ValidateIssuer = true, ValidIssuer = authPublicKey.Issuer, ValidateAudience = true, - ValidAudience = authPublicKey.Audience + ValidAudience = authPublicKey.Audience, + }; + + opt.Events = new JwtBearerEvents + { + OnMessageReceived = context => + { + // if there is no token read related cookie or query string + if (context.Token is null) // if there is no token + { + if (context.Request.Cookies.TryGetValue(authTokenKeys.Cookie, out var cookieToken) && cookieToken is not null) + context.Token = cookieToken; + else if (context.Request.Query.TryGetValue(authTokenKeys.QueryString, out var queryStrToken)) + context.Token = queryStrToken; + } + return Task.CompletedTask; + } }; });
diff --git a/WorkFlow.API/appsettings.json b/WorkFlow.API/appsettings.json
index 8e5c1f8..7d9567f 100644
--- a/WorkFlow.API/appsettings.json
+++ b/WorkFlow.API/appsettings.json
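Review bot: In the `@@ -67,7 +70,23 @@` hunk of Program.cs, the `context.Token is null` test in `OnMessageReceived` does not mean the request lacks a bearer header: JwtBearerHandler raises this event before it reads `Authorization`, so a cookie or query value, when present, is used and the header is never consulted. The query-string fallback also puts the JWT into URLs, which are recorded in access logs, browser history and Referer headers; if it is needed at all it should be limited to the request paths that require it, which this hunk does not show. A token taken from a cookie is attached by the browser automatically, so state-changing endpoints authenticated this way need antiforgery protection or a `SameSite` cookie policy, neither of which is visible here. The sketch below keeps the header authoritative and drops the query fallback; the enclosing `AddJwtBearer` lambda starts outside the hunk.

```csharp
OnMessageReceived = context =>
{
    // This event runs before the handler reads the Authorization header,
    // so test the header explicitly to keep it authoritative.
    if (!string.IsNullOrEmpty(context.Request.Headers.Authorization))
        return Task.CompletedTask;

    if (context.Request.Cookies.TryGetValue(authTokenKeys.Cookie, out var cookieToken)
        && !string.IsNullOrEmpty(cookieToken))
    {
        context.Token = cookieToken;
    }

    // Query-string fallback omitted: tokens in URLs end up in access logs,
    // browser history and Referer headers.
    return Task.CompletedTask;
}
```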
@@ -83,6 +83,7 @@
 },
 "AuthPublicKey": {
 "Issuer": "auth.digitaldata.works",
- "Audience": "work-flow.digitaldata.works"
+ "Audience": "work-flow.digitaldata.works",
+ "Content": "-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QCd7dH/xOUITFZbitMa/xnh8a0LyL6ZBvSRAwkI9ceplTRSHJXoM1oB+xtjWE1kOuHVLe941Tm03szS4+/rHIm0Ejva/KKlv7sPFAHE/pWuoPS303vOHgI4HAFcuwywA8CghUWzaaK5LU/Hl8srWwxBHv5hKIUjJFJygeAIENvFOZ1gFbB3MPEC99PiPOwAmfl4tMQUmSsFyspl/RWVi7bTv26ZE+m3KPcWppmvmYjXlSitxRaySxnfFvpca/qWfd/uUUg2KWKtpAwWVkqr0qD9v3TyKSgHoGDsrFpwSx8qufUJSinmZ1u/0iKl6TXeHubYS4C4SUSVjOWXymI2ZQIDAQAB-----END PUBLIC KEY-----"
 }
 }
\ No newline at end of file