diff --git a/WorkFlow.API/Controllers/AuthController.cs b/WorkFlow.API/Controllers/AuthController.cs
index 6628d37..762f497 100644
--- a/WorkFlow.API/Controllers/AuthController.cs
+++ b/WorkFlow.API/Controllers/AuthController.cs
@@ -6,10 +6,10 @@ using DigitalData.UserManager.Application.Contracts;
 using DigitalData.UserManager.Application.DTOs.User;
 using Microsoft.AspNetCore.Authorization;
 using DigitalData.UserManager.Application;
-using DigitalData.UserManager.Application.DTOs.Auth;
 using DigitalData.Core.Abstractions.Application;
 using Microsoft.Extensions.Localization;
 using DigitalData.Core.DTO;
+using WorkFlow.API.Models;
 namespace WorkFlow.API.Controllers
 {
@@ -44,20 +44,39 @@ namespace WorkFlow.API.Controllers
 {
 try
 {
- bool isValid = _dirSearchService.ValidateCredentials(login.Username, login.Password);
+ var username = string.Empty;
+ DataResult? uRes = null;
+
+ if(login.Username is not null && login.UserId is not null)
+ return BadRequest("Invalid request: either 'UserId' or 'Username' must be provided, but not both.");
+ else if(login.Username is not null)
+ username = login.Username;
+ else if(login.UserId is int userId)
+ {
+ uRes = await _userService.ReadByIdAsync(userId);
+ if (!uRes.IsSuccess || uRes.Data is null)
+ {
+ return Unauthorized(uRes);
+ }
+ }
+ else
+ return BadRequest("Invalid request: either 'UserId' or 'Username' must be provided, but not both.");
+
+ bool isValid = _dirSearchService.ValidateCredentials(username, login.Password);
 if (!isValid)
 return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));
- var gouMsg = await _gouService.HasGroup(login.Username, "PM_USER", caseSensitive: false);
+ var gouMsg = await _gouService.HasGroup(username, "PM_USER", caseSensitive: false);
 if (!gouMsg.IsSuccess)
 return Unauthorized(Result.Fail().Message(_localizer[Key.UnauthorizedUser]));
 //find the user
- var uRes = await _userService.ReadByUsernameAsync(login.Username);
+ uRes ??= await _userService.ReadByUsernameAsync(username);
 if (!uRes.IsSuccess || uRes.Data is null)
 {
- return Unauthorized(uRes);
+ _logger.LogNotice(uRes.Notices);
+ return Unauthorized();
 }
 UserReadDto user = uRes.Data;
diff --git a/WorkFlow.API/Models/LoginDto.cs b/WorkFlow.API/Models/LoginDto.cs
index 0d11d41..05ae5fe 100644
--- a/WorkFlow.API/Models/LoginDto.cs
+++ b/WorkFlow.API/Models/LoginDto.cs
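Review bot: In the AuthController.cs login hunk, the new `login.UserId` branch never assigns `username`, so `ValidateCredentials(username, login.Password)` and `HasGroup(username, "PM_USER", ...)` run with `string.Empty` on every login by id. How `_dirSearchService` treats an empty user name is not visible here, and some directory back ends accept an empty name as an anonymous bind, so the branch should copy the name from the loaded record with `username = uRes.Data.USERNAME_PROPERTY;` (placeholder for whatever `UserReadDto` calls it) and reject a blank `username` before the credential check. The same branch returns `Unauthorized(uRes)` before any password is checked, which tells an unauthenticated caller whether a user id exists and echoes the lookup result; the later block in this hunk was changed to `_logger.LogNotice(uRes.Notices); return Unauthorized();` and this one should match it. The enclosing action method starts and ends outside the hunk.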
@@ -1,9 +1,4 @@
 namespace WorkFlow.API.Models
 {
- public record LogInDto(int? UserId, string? Username, string Password)
- {
- public bool HasUserId => UserId is not null;
- public bool HasUsername => Username is not null;
- public bool IsInvalid => !HasUserId && !HasUsername;
- };
+ public record LogInDto(int? UserId, string? Username, string Password);
 }
\ No newline at end of file
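Review bot: `LogInDto` in LoginDto.cs keeps `Password` as a positional record property, and the compiler-generated `ToString()` of a record prints every public property, so any log call or string interpolation that receives the DTO would write the password in clear text. Nothing in this diff shows the DTO being logged, so this is a precaution rather than an observed leak. I would override `ToString()` on the record so that it omits the password, or at least add the comment `// never log this record: the generated ToString() includes Password` above the declaration.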