diff --git a/WorkFlow.API/Models/ModelExtensions.cs b/WorkFlow.API/Models/ModelExtensions.cs
index cbc67f7..c7bc6e8 100644
--- a/WorkFlow.API/Models/ModelExtensions.cs
+++ b/WorkFlow.API/Models/ModelExtensions.cs
@@ -12,5 +12,7 @@ namespace WorkFlow.API.Models
             new (ClaimTypes.GivenName, user.Prename ?? ""),
             new (ClaimTypes.Email, user.Email ?? "")
         ];
+
+        public static Dictionary<string, object> ToClaimDictionary(this UserReadDto user) => user.ToClaimList().ToDictionary(claim => claim.Type, claim => (object) claim.Value);
     }
 }
\ No newline at end of file
diff --git a/WorkFlow.API/Program.cs b/WorkFlow.API/Program.cs
index 951cde6..3f4af42 100644
--- a/WorkFlow.API/Program.cs
+++ b/WorkFlow.API/Program.cs
@@ -5,6 +5,10 @@ using WorkFlow.Infrastructure;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using DigitalData.Core.API;
 using DigitalData.Core.Application;
+using DigitalData.UserManager.Application.DTOs.User;
+using Microsoft.IdentityModel.Tokens;
+using WorkFlow.API.Models;
+using System.Security.Claims;
 
 var builder = WebApplication.CreateBuilder(args);
 var config = builder.Configuration;
@@ -16,6 +20,10 @@ builder.Services.AddWorkFlow().AddUserManager<WFDBContext>();
 builder.Services.AddCookieBasedLocalizer();
 builder.ConfigureBySection<DirectorySearchOptions>();
 builder.Services.AddDirectorySearchService();
+builder.Services.AddJWTService<UserReadDto>(user => new SecurityTokenDescriptor()
+{
+    Claims = user.ToClaimList().ToDictionary(claim => claim.Type, claim => claim.Value as object)
+});
 
 builder.Services.AddControllers();