diff --git a/config/config.xml.default b/config/config.xml.default
index 73b662985875f19d8a60a12fd6c29e946efeeded..7d63ce8ac70e9ceb0caf416cfa8c0ae9c5113b5b 100755
--- a/config/config.xml.default
+++ b/config/config.xml.default
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <ROOT>
     <config>
-        <SessionTime>1440</SessionTime> <!-- minutes -->
+        <sessionTime>1440</sessionTime> <!-- minutes -->
         <timezone>Europe/Paris</timezone>
         <customLangPathDirectory></customLangPathDirectory>
     </config>
diff --git a/rest/index.php b/rest/index.php
index 0472aca69ff5332a2f2b968a759c657572bd26dc..7d1733f808ab3b0b61e302f67f5bb7a0464f5d24 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -26,12 +26,11 @@ $app->add(function (\Slim\Http\Request $request, \Slim\Http\Response $response,
     if (!is_file($configPath . '/config.xml')) {
         return $response->withStatus(400)->withJson(['errors' => 'Configuration file is missing']);
     }
-    $routesWithoutAuthentication = ['GET/authenticationInformations', 'POST/authenticate', 'POST/password', 'PUT/password', 'GET/passwordRules', 'GET/languages/{lang}'];
     $route = $request->getAttribute('route');
     $currentMethod = empty($route) ? '' : $route->getMethods()[0];
     $currentRoute = empty($route) ? '' : $route->getPattern();
 
-    if (in_array($currentMethod.$currentRoute, $routesWithoutAuthentication)) {
+    if (in_array($currentMethod.$currentRoute, \SrcCore\controllers\AuthenticationController::ROUTES_WITHOUT_AUTHENTICATION)) {
         $response = $next($request, $response);
     } else {
         $authorizationHeaders = $request->getHeader('Authorization');
diff --git a/src/core/controllers/AuthenticationController.php b/src/core/controllers/AuthenticationController.php
index 0e4d657bf3832028730f1ffca9f9a88007af5bec..faa96dbcb7d1d1ced2616a2813f64dccd9ca801c 100755
--- a/src/core/controllers/AuthenticationController.php
+++ b/src/core/controllers/AuthenticationController.php
@@ -28,6 +28,19 @@ use User\models\UserModel;
 class AuthenticationController
 {
     const MAX_DURATION_TOKEN = 30; //Minutes
+    const ROUTES_WITHOUT_AUTHENTICATION = [
+        'GET/authenticationInformations', 'POST/authenticate', 'GET/authenticate/token',
+        'POST/password', 'PUT/password', 'GET/passwordRules', 'GET/languages/{lang}'
+    ];
+
+
+    public static function getInformations(Request $request, Response $response)
+    {
+        $connection = ConfigurationModel::getConnection();
+        $encryptKey = CoreConfigModel::getEncryptKey();
+
+        return $response->withJson(['connection' => $connection, 'changeKey' => $encryptKey == 'Security Key Maarch Parapheur #2008']);
+    }
 
     public static function authentication($authorizationHeaders = [])
     {
@@ -156,12 +169,35 @@ class AuthenticationController
         return $response->withStatus(204);
     }
 
-    public static function getInformations(Request $request, Response $response)
+    public static function getRefreshedToken(Request $request, Response $response)
     {
-        $connection = ConfigurationModel::getConnection();
-        $encryptKey = CoreConfigModel::getEncryptKey();
+        $queryParams = $request->getQueryParams();
 
-        return $response->withJson(['connection' => $connection, 'changeKey' => $encryptKey == 'Security Key Maarch Parapheur #2008']);
+        if (!Validator::stringType()->notEmpty()->validate($queryParams['refreshToken'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Refresh Token is empty']);
+        }
+
+        try {
+            $jwt = JWT::decode($queryParams['refreshToken'], CoreConfigModel::getEncryptKey(), ['HS256']);
+        } catch (\Exception $e) {
+            return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']);
+        }
+
+        $user = UserModel::getById(['select' => ['id', 'refresh_token'], 'id' => $jwt->user->id]);
+        if (empty($user['refresh_token'])) {
+            return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']);
+        }
+
+        $user['refresh_token'] = json_decode($user['refresh_token'], true);
+        if (!in_array($queryParams['refreshToken'], $user['refresh_token'])) {
+            return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']);
+        }
+
+        $GLOBALS['id'] = $user['id'];
+
+        $response = $response->withHeader('Token', AuthenticationController::getJWT());
+
+        return $response->withStatus(204);
     }
 
     public static function getJWT()