diff --git a/docker/config/application.tmpl b/docker/config/application.tmpl
index 2455c2269e0e650bff937fb6ac2bbf7fc7962f0b..0bb7a48b55bd4ed43ad949ff05f6f9b56497ad79 100644
--- a/docker/config/application.tmpl
+++ b/docker/config/application.tmpl
@@ -93,3 +93,4 @@ services:
   workflows:
     workflowUrl: {{ default .Env.WORKFLOW_URL "http://localhost:9090" }}
     workflowAuthorization: {{ default .Env.WORKFLOW_AUTHORIZATION "undefined" }}
+    JWTSecret: {{ default .Env.JWT_SECRET "secret" }}
diff --git a/src/main/java/eu/hbp/mip/controllers/JWTApi.java b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
index 3c91544a26794c3c494e0f97cb50ad964adf28a5..bdc7b7bce218c4d956046be84571249188bee0aa 100644
--- a/src/main/java/eu/hbp/mip/controllers/JWTApi.java
+++ b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
@@ -7,7 +7,10 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.http.HttpStatus;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.JWT;
-
+import eu.hbp.mip.model.User;
+import eu.hbp.mip.model.UserInfo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -19,17 +22,25 @@ public class JWTApi {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(JWTApi.class);
 
+    @Autowired
+    private UserInfo userInfo;
+
+    @Value("#{'${services.workflows.JWTSecret}'}")
+    private String JWTSecret;
+
     @ApiOperation(value = "Create a JSON Web Token", response = String.class)
     @RequestMapping(method = RequestMethod.POST)
     public ResponseEntity<String> createJWT() {
 
         LOGGER.info("Create a JSON Web Token");
 
-        Algorithm algorithm = Algorithm.HMAC512("secret");
-        String token = JWT.create()
-        .withIssuer("mip.humanbrainproject.eu")
-        .withSubject("subj")
-        .sign(algorithm);
+        User user = userInfo.getUser();
+
+        Algorithm algorithm = Algorithm.HMAC512(JWTSecret);
+        String token = JWT.create().withIssuer("mip.humanbrainproject.eu").withSubject(user.getEmail()).sign(algorithm);
+
+        LOGGER.info(algorithm.toString());
+        LOGGER.info(token);
 
         return ResponseEntity.status(HttpStatus.CREATED).body(token);
     }