diff --git a/.gitignore b/.gitignore
index 108eebc..a305eed 100644
--- a/.gitignore
+++ b/.gitignore
@@ -67,5 +67,3 @@ report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
 package-lock.json
 
 *.jar
-gitea
-auth
diff --git a/bizmatch-server/src/auth/auth.controller.ts b/bizmatch-server/src/auth/auth.controller.ts
new file mode 100644
index 0000000..68f2e1a
--- /dev/null
+++ b/bizmatch-server/src/auth/auth.controller.ts
@@ -0,0 +1,40 @@
+import { Controller, Get, Param, Put } from '@nestjs/common';
+import { AuthService } from './auth.service.js';
+
+@Controller('auth')
+export class AuthController {
+  constructor(private readonly authService: AuthService) {}
+
+  @Get()
+  getAccessToken(): any {
+    return this.authService.getAccessToken();
+  }
+
+  @Get('users')
+  getUsers(): any {
+    return this.authService.getUsers();
+  }
+  @Get('user/:userid')
+  getUser(@Param('userid') userId: string): any {
+    return this.authService.getUser(userId);
+  }
+  @Get('groups')
+  getGroups(): any {
+    return this.authService.getGroups();
+  }
+
+  @Get('user/:userid/groups') //e0811669-c7eb-4e5e-a699-e8334d5c5b01 -> aknuth
+  getGroupsForUsers(@Param('userid') userId: string): any {
+    return this.authService.getGroupsForUser(userId);
+  }
+
+  @Get('user/:userid/lastlogin') //e0811669-c7eb-4e5e-a699-e8334d5c5b01 -> aknuth
+  getLastLogin(@Param('userid') userId: string): any {
+    return this.authService.getLastLogin(userId);
+  }
+
+  @Put('user/:userid/group/:groupid') //e0811669-c7eb-4e5e-a699-e8334d5c5b01 -> aknuth // 
+  addUser2Group(@Param('userid') userId: string,@Param('groupid') groupId: string): any {
+    return this.authService.addUser2Group(userId,groupId);
+  }
+}
diff --git a/bizmatch-server/src/auth/auth.module.ts b/bizmatch-server/src/auth/auth.module.ts
new file mode 100644
index 0000000..18fbde9
--- /dev/null
+++ b/bizmatch-server/src/auth/auth.module.ts
@@ -0,0 +1,17 @@
+import { Module } from '@nestjs/common';
+import { MailerModule } from '@nestjs-modules/mailer';
+import path, { join } from 'path';
+import { HandlebarsAdapter } from '@nestjs-modules/mailer/dist/adapters/handlebars.adapter.js';
+import { fileURLToPath } from 'url';
+import { AuthService } from './auth.service.js';
+import { AuthController } from './auth.controller.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+@Module({
+  imports: [
+  ],
+  providers: [AuthService],
+  controllers: [AuthController],
+  exports:[AuthService]
+})
+export class AuthModule {}
\ No newline at end of file
diff --git a/bizmatch-server/src/auth/auth.service.ts b/bizmatch-server/src/auth/auth.service.ts
new file mode 100644
index 0000000..57be19b
--- /dev/null
+++ b/bizmatch-server/src/auth/auth.service.ts
@@ -0,0 +1,107 @@
+import { Injectable } from '@nestjs/common';
+// import got from 'got';
+import ky from 'ky';
+import urlcat from 'urlcat';
+
+@Injectable()
+export class AuthService {
+  
+  public async getAccessToken() {
+    const form = new FormData();
+    form.append('grant_type', 'password');
+    form.append('username', process.env.user);
+    form.append('password', process.env.password);
+
+    try {
+      const params = new URLSearchParams();
+      params.append('grant_type', 'password');
+      params.append('username', process.env.user);
+      params.append('password', process.env.password);
+      const URL = `${process.env.host}${process.env.tokenURL}`;
+
+      const response = await ky.post(URL, {
+        body: params.toString(),
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded',
+          'Authorization':'Basic YWRtaW4tY2xpOnE0RmJnazFkd0NaelFQZmt5VzhhM3NnckV5UHZlRUY3'
+        },
+      }).json();
+      return (<any>response).access_token;
+    } catch (error) {
+      if (error.name === 'HTTPError') {
+        const errorJson = await error.response.json();
+        console.error('Fehlerantwort vom Server:', errorJson);
+      } else {
+        console.error('Allgemeiner Fehler:', error);
+      }
+    }
+  }
+
+  public async getUsers(){
+    const token = await this.getAccessToken();
+    const URL = `${process.env.host}${process.env.usersURL}`;
+    const response = await ky.get(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+  public async getUser(userid:string){
+    const token = await this.getAccessToken();
+    const URL = urlcat(process.env.host,process.env.userURL,{userid})
+    const response = await ky.get(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+  public async getGroups(){
+    const token = await this.getAccessToken();
+    const URL = `${process.env.host}${process.env.groupsURL}`;
+    const response = await ky.get(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+
+  public async getGroupsForUser(userid:string){
+    const token = await this.getAccessToken();
+    const URL = urlcat(process.env.host,process.env.userGroupsURL,{userid})
+    const response = await ky.get(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+  public async getLastLogin(userid:string){
+    const token = await this.getAccessToken();
+    const URL = urlcat(process.env.host,process.env.lastLoginURL,{userid})
+    const response = await ky.get(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+  public async addUser2Group(userid:string,groupid:string){
+    const token = await this.getAccessToken();
+    const URL = urlcat(process.env.host,process.env.addUser2GroupURL,{userid,groupid})
+    const response = await ky.put(URL, {
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Authorization':`Bearer ${token}`
+      },
+    }).json();
+    return response
+  }
+}