diff --git a/Bootstrap.Admin/Controllers/Api/LoginController.cs b/Bootstrap.Admin/Controllers/Api/LoginController.cs
index ad6905ae..8b369aac 100644
--- a/Bootstrap.Admin/Controllers/Api/LoginController.cs
+++ b/Bootstrap.Admin/Controllers/Api/LoginController.cs
@@ -1,10 +1,7 @@
 using Bootstrap.Security;
-using Longbow.Cache;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json.Linq;
-using System;
-using System.Linq;
 
 namespace Bootstrap.Admin.Controllers.Api
 {
@@ -17,12 +14,6 @@ namespace Bootstrap.Admin.Controllers.Api
 [Route("api/[controller]")]
 public class LoginController : Controller
 {
- [HttpGet]
- public object Get()
- {
- var token = Request.Headers["Token"];
- return new { UserName = User.Identity.Name, Token = token };
- }
 ///
 ///
 ///
@@ -30,18 +21,17 @@ namespace Bootstrap.Admin.Controllers.Api
 ///
 [AllowAnonymous]
 [HttpPost]
- public object Post([FromBody]JObject value)
+ public ActionResult Post([FromBody]JObject value)
 {
 dynamic user = value;
 string userName = user.userName;
 string password = user.password;
 if (BootstrapUser.Authenticate(userName, password))
 {
- var token = CacheManager.AddOrUpdate(string.Format("WebApi-{0}", userName), k => new { UserName = userName, Token = Guid.NewGuid().ToString() }, (k, info) => info, "WebApi");
- CacheManager.AddOrUpdate(token.Token, k => token, (k, info) => info, "Token");
- return token;
+ var token = BootstrapAdminJwtTokenHandler.CreateToken(userName);
+ return new JsonResult(new { token });
 }
- return new { UserName = userName };
+ return new NoContentResult();
 }
 ///
 ///
diff --git a/Bootstrap.Admin/Startup.cs b/Bootstrap.Admin/Startup.cs
index 4c8c95a2..506b0dd8 100644
--- a/Bootstrap.Admin/Startup.cs
+++ b/Bootstrap.Admin/Startup.cs
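Review bot: In LoginController.Post, a failed login now returns `new NoContentResult()`, i.e. HTTP 204, which is a success status, so a client or a log-based alert keyed on the status code cannot tell a rejected password from an accepted one. Using `return Unauthorized();` on the failure branch makes the outcome explicit. Separately, `value` can be null when the request body is missing or is not valid JSON, in which case `user.userName` throws and the anonymous endpoint answers 500; a guard such as `if (value == null) return BadRequest();` before the `dynamic` assignment avoids that. Nothing in the hunk throttles or records failed attempts; if BootstrapUser.Authenticate does not already do so, it is worth adding here because the action is `[AllowAnonymous]`.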
@@ -79,7 +79,6 @@ namespace Bootstrap.Admin
 app.UseCors(builder => builder.WithOrigins(Configuration["AllowOrigins"].Split(',', StringSplitOptions.RemoveEmptyEntries)).AllowAnyHeader().AllowAnyMethod().AllowCredentials());
 app.UseHttpsRedirection();
 app.UseStaticFiles();
- app.UseCookiePolicy();
 app.UseAuthentication();
 app.UseBootstrapRoleAuthorization();
 app.UseWebSocketHandler(options => options.UseAuthentication = true, WSHelper.WebSocketMessageHandler);
@@ -92,4 +91,4 @@ namespace Bootstrap.Admin
 });
 }
 }
-}
+}
\ No newline at end of file
diff --git a/Bootstrap.Admin/appsettings.json b/Bootstrap.Admin/appsettings.json
index 77aa4267..c1a2726f 100644
--- a/Bootstrap.Admin/appsettings.json
+++ b/Bootstrap.Admin/appsettings.json
@@ -15,6 +15,12 @@
 "ConnectionStrings": {
 "ba": "Data Source=.;Initial Catalog=BootstrapAdmin;User ID=sa;Password=sa"
 },
+ "TokenValidateOption": {
+ "Issuer": "BA",
+ "Audience": "api",
+ "Expires": 5,
+ "SecurityKey": "BootstrapAdmin-V1.1"
+ },
 "ApplicationName": "__bd__",
 "ApplicationDiscriminator": "BootstrapAdmin",
 "KeyPath": "D:\\App\\Web-App\\keys",
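Review bot: The `SecurityKey` added under `TokenValidateOption` in appsettings.json is the token signing secret committed in plain text, so anyone who can read the repository or the deployed file holds the key the API trusts when validating tokens for any user name. It is also a short, product-name-derived string rather than random key material; if the handler signs with HMAC-SHA256 (not visible in this diff), the key should be at least 256 bits of random data. Leave the checked-in value empty, `"SecurityKey": ""`, and supply the real key per environment, for example through the `TokenValidateOption__SecurityKey` environment variable or a secret store, and rotate the value that is already committed. The unit of `"Expires": 5` is not stated in the hunk and is worth documenting where the option is read.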