diff --git a/BackEndAaaapero/Controllers/UsersController.cs b/BackEndAaaapero/Controllers/UsersController.cs
new file mode 100644
index 0000000..51f8863
--- /dev/null
+++ b/BackEndAaaapero/Controllers/UsersController.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using AutoMapper;
+using BackEndAaaapero.Helpers;
+using BackEndAaaapero.Models;
+using DTO;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Configuration;
+using Microsoft.IdentityModel.Tokens;
+using Services;
+
+namespace Controllers
+{
+ [Authorize]
+ [ApiController]
+ [Route("[controller]")]
+ public class UsersController : ControllerBase
+ {
+ private IUserService _userService;
+ private IMapper _mapper;
+ public IConfiguration Configuration;
+
+ public UsersController(
+ IUserService userService,
+ IMapper mapper,
+ IConfiguration configuration)
+ {
+ _userService = userService;
+ _mapper = mapper;
+ Configuration = configuration;
+ }
+
+ [AllowAnonymous]
+ [HttpPost("authenticate")]
+ public IActionResult Authenticate([FromBody]AuthenticateModel model)
+ {
+ var user = _userService.Authenticate(model.Username, model.Password);
+
+ if (user == null)
+ return BadRequest(new { message = "Username or password is incorrect" });
+
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var key = Encoding.ASCII.GetBytes(Configuration["Secret"]);
+ var tokenDescriptor = new SecurityTokenDescriptor
+ {
+ Subject = new ClaimsIdentity(new Claim[]
+ {
+ new Claim(ClaimTypes.Name, user.Id.ToString())
+ }),
+ Expires = DateTime.UtcNow.AddDays(7),
+ SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+ };
+ var token = tokenHandler.CreateToken(tokenDescriptor);
+ var tokenString = tokenHandler.WriteToken(token);
+
+ // return basic user info and authentication token
+ return Ok(new
+ {
+ Id = user.Id,
+ Username = user.Username,
+ FirstName = user.FirstName,
+ LastName = user.LastName,
+ Token = tokenString
+ });
+ }
+
+ [HttpDelete("{id}")]
+ public IActionResult Delete(int id)
+ {
+ _userService.Delete(id);
+ return Ok();
+ }
+ }
+}
\ No newline at end of file
diff --git a/BackEndAaaapero/DTO/AuthenticateModel.cs b/BackEndAaaapero/DTO/AuthenticateModel.cs
new file mode 100644
index 0000000..894d0d4
--- /dev/null
+++ b/BackEndAaaapero/DTO/AuthenticateModel.cs
@@ -0,0 +1,13 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace DTO
+{
+ public class AuthenticateModel
+ {
+ [Required]
+ public string Username { get; set; }
+
+ [Required]
+ public string Password { get; set; }
+ }
+}
\ No newline at end of file
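Review bot: The `Delete(int id)` action at the end of the hunk has no object-level authorization — the class-level `[Authorize]` only proves the caller has some valid token, so any authenticated user can delete any other account by picking an `id`. Since `Authenticate` puts the user's own id into the `ClaimTypes.Name` claim, the minimal fix is to compare it before deleting: `if (!int.TryParse(User.Identity?.Name, out var callerId) || callerId != id) return Forbid();` (substitute a role check if admins are meant to delete other users). Separately, `Encoding.ASCII.GetBytes(Configuration["Secret"])` throws `ArgumentNullException` when the key is missing and silently replaces every non-ASCII character of the secret with `?`, so use `Encoding.UTF8`, validate at startup that the secret is present and at least 32 bytes for HS256, and load it from a secret store rather than a checked-in appsettings file. A failed login returning `Unauthorized()` rather than `BadRequest` would also give clients the conventional 401, and the 7-day expiry with no refresh or revocation path is worth documenting as a deliberate choice.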
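Review bot: `Username` and `Password` carry only `[Required]`, so a client can post arbitrarily long values straight through to `IUserService.Authenticate`; if that service runs a password hash that processes the whole input (PBKDF2, Argon2), unbounded length becomes a cheap CPU-exhaustion vector, so bound both with something like `[StringLength(128)]` sized to whatever the user store already caps at. `[Required]` already rejects null, empty and whitespace-only strings by default, so no additional emptiness check is needed.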