diff --git a/app/__init__.py b/app/__init__.py
index d2fab1c..1a6ef13 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -8,38 +8,43 @@ from app.errors import register_error_handlers
 from flask_sqlalchemy import SQLAlchemy
 from flask_migrate import Migrate
 from app.extensions import db, migrate
+from flask_jwt_extended import (
+    JWTManager,
+    jwt_required,
+    create_access_token,
+    get_jwt_identity,
+)
+
 
 def create_app():
-    """ Factory function to create a Flask app instance """
+    """Factory function to create a Flask app instance"""
     app = Flask(__name__)
 
     # Load configuration
     app.config.from_object(Config)
 
+    CORS(app)
 
-    CORS(app) 
+    JWTManager(app)
 
     # Swagger Doc
     SWAGGER_URL = app.config.get("SWAGGER_URL")
     API_URL = app.config.get("API_URL")
 
-    
     # Register blueprints
     app.register_blueprint(api)
 
     swagger_ui_blueprint = get_swaggerui_blueprint(SWAGGER_URL, API_URL)
     app.register_blueprint(swagger_ui_blueprint, url_prefix=SWAGGER_URL)
 
-   
     # Error Handlers
     register_error_handlers(app)
-    
+
     from . import models
+
     # Database and Migrations
     db.init_app(app)
-    
-    
+
     migrate.init_app(app, db)
-   
 
     return app
diff --git a/app/api/services/authorization.py b/app/api/services/authorization.py
index ad133f1..210a56f 100644
--- a/app/api/services/authorization.py
+++ b/app/api/services/authorization.py
@@ -4,6 +4,13 @@ from app.api.services.base_service import BaseService
 from app.utils.logger import logger
 from app.api.schemas.authorization import AuthorizeRequestSchema
 from app.api.helpers.response_helper import ResponseHelper
+from flask_jwt_extended import (
+    JWTManager,
+    jwt_required,
+    create_access_token,
+    create_refresh_token,
+    get_jwt_identity,
+)
 
 
 class AuthorizationService(BaseService):
@@ -22,12 +29,29 @@ class AuthorizationService(BaseService):
         try:
             logger.info("Processing Authorization request")
 
+            if not request.is_json:
+                return ResponseHelper.bad_request(message="Missing JSON in request")
+
             # Validate input data using the Authorization schema
             schema = AuthorizeRequestSchema()
             validated_data = schema.load(data)  # Raises ValidationError if invalid
 
+            ### TODO: Access Database credentials here ###
+
+            if (
+                validated_data["username"] != "username"
+                or validated_data["password"] != "password"
+            ):
+                return ResponseHelper.unauthorized(message="Invalid credentials")
+
+            access_token = create_access_token(identity=validated_data["username"])
+            refresh_token = create_refresh_token(identity=validated_data["username"])
+
             # Simulated processing logic
-            response_data = {"resultCode": "00", "resultDescription": "Successful"}
+            response_data = {
+                "access_token": access_token,
+                "refresh_token": refresh_token,
+            }
 
             return ResponseHelper.success(
                 data=response_data, message="Authorization processed successfully"
diff --git a/app/config.py b/app/config.py
index fb66b2d..2329cee 100644
--- a/app/config.py
+++ b/app/config.py
@@ -1,16 +1,16 @@
 import os
 
+
 class Config:
     """Base configuration for Flask app"""
 
-
     SWAGGER_URL = os.getenv("SWAGGER_URL", "/documentation")
     API_URL = os.getenv("API_URL", "/swagger.json")
 
     DEBUG = True
     VALID_APP_ID = os.getenv("VALID_APP_ID", "app1")
     VALID_API_KEY = os.getenv("VALID_API_KEY", "test-api-key-12345")
-    BASIC_AUTH_USERNAME  = os.environ.get("BASIC_AUTH_USERNAME", "user")
+    BASIC_AUTH_USERNAME = os.environ.get("BASIC_AUTH_USERNAME", "user")
     BASIC_AUTH_PASSWORD = os.environ.get("BASIC_AUTH_PASSWORD", "password")
 
     DATABASE_USER = os.environ.get("DATABASE_USER")
@@ -19,11 +19,11 @@ class Config:
     DATABASE_PORT = os.environ.get("DATABASE_PORT", 10532)
     DATABASE_NAME = os.environ.get("DATABASE_NAME")
 
-    SQLALCHEMY_DATABASE_URI = (
-       f"postgresql+psycopg2://{DATABASE_USER}:{DATABASE_PASSWORD}@{DATABASE_HOST}:{DATABASE_PORT}/{DATABASE_NAME}"
-    )
+    SQLALCHEMY_DATABASE_URI = f"postgresql+psycopg2://{DATABASE_USER}:{DATABASE_PASSWORD}@{DATABASE_HOST}:{DATABASE_PORT}/{DATABASE_NAME}"
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     SIMBRELLA_BASE_URL = os.getenv("SIMBRELLA_BASE_URL", "http://127.0.0.1:6337")
 
+    JWT_SECRET_KEY = os.getenv("JWT_SECRET_KEY", "secret-key")
 
-settings = Config()
\ No newline at end of file
+
+settings = Config()
diff --git a/requirements.txt b/requirements.txt
index 7e47465..e322d87 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -27,3 +27,6 @@ python-dotenv
 # Requests
 requests
 
+# JWT
+flask-jwt-extended
+