diff --git a/docs/api.md b/docs/api.md
index c3f30b4..6556d62 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -1,11 +1,12 @@
 # Dokumetacja API
 
-| Api                                            | Zadania endpointa                                          |
-| ---------------------------------------------- | ---------------------------------------------------------- |
-| [/config](#config)                             | Załadowanie konfiguracji startowej do aplikacji PlanNaPlan |
-| [/getCoursesWithGroups](#getcourseswithgroups) | Zwrócenie wszytskich kursów razem z grupami                |
-| [/getCourseGroups](#getcoursegroups)           | Zwrócenie grup dla danego kursu                            |
-| [/getCourses](#getcourses)                     | Zwrócenie wszystkich kursów                                |
+| Api                                                           | Zadania endpointa                                                            |
+| ------------------------------------------------------------- | ---------------------------------------------------------------------------- |
+| [/api/v1/configurator/config](#config)                        | Załadowanie konfiguracji startowej do aplikacji PlanNaPlan                   |
+| [/api/v1/courses/getCoursesWithGroups](#getcourseswithgroups) | Zwrócenie wszytskich kursów razem z grupami                                  |
+| [/api/v1/groups/getCourseGroups](#getcoursegroups)            | Zwrócenie grup dla danego kursu                                              |
+| [/api/v1/courses/getCourses](#getcourses)                     | Zwrócenie wszystkich kursów                                                  |
+| [/token](#token)                                              | Wymienia ticket z CAS-a na token ktorym beda autoryzowane chronione requesty |
 
 ## config
 
@@ -30,7 +31,7 @@ Endpoint konfigurujacy caly system i importujacy dane do bazy.
 Source code: [link](../restservice/src/main/java/com/plannaplan/controllers/getCoursesWithGroups.java)
 
 ```
-GET /getCoursesWithGroups
+GET /api/v1/courses/getCoursesWithGroups
 ```
 
 #### Opis
@@ -42,7 +43,7 @@ Zwraca wszystkie dostepne kursy wraz z listą grup.
 Source code: [link](../restservice/src/main/java/com/plannaplan/controllers/GroupController.java)
 
 ```
-GET /getCourseGroups
+GET /api/v1/groups/getCourseGroups
 ```
 
 #### Opis
@@ -61,9 +62,27 @@ Zwraca wszytskie grupy dla danego kursu.
 Source code: [link](../restservice/src/main/java/com/plannaplan/controllers/CoursesController.java)
 
 ```
-GET /getCourses
+GET /api/v1/courses/getCourses
 ```
 
 #### Opis
 
 Zwraca wszystkie dostepne kursy.
+
+## token
+
+Source code: [link](../restservice/src/main/java/com/plannaplan/controllers/TokenController.java)
+
+```
+GET /token?ticket=ST-668405-W0gfvSVDRBdMUWLweKzv-cas.amu.edu.pl
+```
+
+#### Opis
+
+Po odpytaniu tego endpointa z podanym ticketem system zrobi nma nim validate i dostanie uzytkownika dla ktorego zostal on wygenerowany. System utworzy dla niego access token i go zwroci w odpowiedzi
+
+#### Parametry
+
+| Type        | Name                      | Consumes | Opis                                    | Type   |
+| ----------- | ------------------------- | -------- | --------------------------------------- | ------ |
+| Query Param | **ticket** </br> required | -        | ticket uzyskany z logowania poprzez CAS | string |
diff --git a/restservice/src/main/java/com/plannaplan/App.java b/restservice/src/main/java/com/plannaplan/App.java
index ca8b681..7f8c652 100644
--- a/restservice/src/main/java/com/plannaplan/App.java
+++ b/restservice/src/main/java/com/plannaplan/App.java
@@ -13,6 +13,8 @@ import org.springframework.context.event.EventListener;
 @SpringBootApplication
 public class App {
 
+    public final static String API_VERSION = "v1";
+
     @Autowired
     UserService userService;
 
diff --git a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
index 7ec7f32..6438c74 100644
--- a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
@@ -5,6 +5,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import java.io.IOException;
 
+import com.plannaplan.App;
 import com.plannaplan.Controller;
 import com.plannaplan.models.ConfigData;
 
@@ -12,11 +13,13 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.multipart.MultipartFile;
 
 @RestController
 @CrossOrigin
+@RequestMapping("/api/" + App.API_VERSION + "/configurator")
 public class ConfigController {
 
     @Autowired
diff --git a/restservice/src/main/java/com/plannaplan/controllers/CoursesController.java b/restservice/src/main/java/com/plannaplan/controllers/CoursesController.java
index f6e2d38..e56e294 100644
--- a/restservice/src/main/java/com/plannaplan/controllers/CoursesController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/CoursesController.java
@@ -5,6 +5,7 @@ import java.util.Dictionary;
 import java.util.Hashtable;
 import java.util.List;
 
+import com.plannaplan.App;
 import com.plannaplan.entities.Course;
 import com.plannaplan.entities.Groups;
 import com.plannaplan.services.CourseService;
@@ -15,38 +16,40 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 
 @RestController
 @CrossOrigin
+@RequestMapping("/api/" + App.API_VERSION + "/courses")
 public class CoursesController {
     @Autowired
     private CourseService courseService;
 
     @GetMapping("/getCourses")
-    public ResponseEntity<List<Dictionary<String,Object>>> getMethodName() {
+    public ResponseEntity<List<Dictionary<String, Object>>> getMethodName() {
         List<Course> courses = this.courseService.getAllCourses();
-        List<Dictionary<String,Object>> response = new ArrayList<>();
-        for(Course c : courses){
+        List<Dictionary<String, Object>> response = new ArrayList<>();
+        for (Course c : courses) {
             Dictionary<String, Object> element = new Hashtable<>();
             element.put("id", c.getId());
-            element.put("name",c.getName());
+            element.put("name", c.getName());
             response.add(element);
         }
-        
+
         return new ResponseEntity<>(response, HttpStatus.OK);
     }
 
     @GetMapping("/getCoursesWithGroups")
-    public ResponseEntity<List<Dictionary<String,Object>>> getCoursesWithGroups() {
+    public ResponseEntity<List<Dictionary<String, Object>>> getCoursesWithGroups() {
         List<Course> courses = this.courseService.getAllCourses();
-        List<Dictionary<String,Object>> response = new ArrayList<>();
-        for(Course c : courses){
+        List<Dictionary<String, Object>> response = new ArrayList<>();
+        for (Course c : courses) {
             Dictionary<String, Object> element = new Hashtable<>();
             element.put("id", c.getId());
-            element.put("name",c.getName());
-            List<Dictionary<String,Object>> groups = new ArrayList<>();
-            for(Groups g : c.getGroups()){
-                Dictionary<String,Object> group = new Hashtable<>();
+            element.put("name", c.getName());
+            List<Dictionary<String, Object>> groups = new ArrayList<>();
+            for (Groups g : c.getGroups()) {
+                Dictionary<String, Object> group = new Hashtable<>();
                 group.put("id", g.getId());
                 group.put("day", g.getDay().label);
                 group.put("time", g.getTimeString());
@@ -55,11 +58,11 @@ public class CoursesController {
                 group.put("type", g.getType());
                 groups.add(group);
             }
-            
+
             element.put("groups", groups);
             response.add(element);
         }
-        
+
         return new ResponseEntity<>(response, HttpStatus.OK);
     }
 
diff --git a/restservice/src/main/java/com/plannaplan/controllers/GroupController.java b/restservice/src/main/java/com/plannaplan/controllers/GroupController.java
index a84a5b3..2b56024 100644
--- a/restservice/src/main/java/com/plannaplan/controllers/GroupController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/GroupController.java
@@ -5,6 +5,7 @@ import java.util.Dictionary;
 import java.util.Hashtable;
 import java.util.List;
 
+import com.plannaplan.App;
 import com.plannaplan.entities.Groups;
 import com.plannaplan.services.GroupService;
 
@@ -13,21 +14,23 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
 @CrossOrigin
+@RequestMapping("/api/" + App.API_VERSION + "/groups")
 public class GroupController {
     @Autowired
     private GroupService groupService;
 
     @GetMapping("/getCourseGroups")
-    public ResponseEntity<List<Dictionary<String, Object>>> getCourses(@RequestParam("id") Long id, @RequestParam(name="capacity", defaultValue="true") Boolean capacity){
+    public ResponseEntity<List<Dictionary<String, Object>>> getCourses(@RequestParam("id") Long id,
+            @RequestParam(name = "capacity", defaultValue = "true") Boolean capacity) {
         List<Groups> groups = this.groupService.getGroupsByCourse(id);
         List<Dictionary<String, Object>> response = new ArrayList<>();
 
-
         for (Groups g : groups) {
             Dictionary<String, Object> group = new Hashtable<>();
             group.put("id", g.getId());
@@ -37,7 +40,7 @@ public class GroupController {
             group.put("room", g.getRoom());
             if (capacity) {
                 group.put("capacity", g.getCapacity());
-            } 
+            }
             group.put("type", g.getType());
 
             response.add(group);
diff --git a/restservice/src/main/java/com/plannaplan/security/WebSecurityConfig.java b/restservice/src/main/java/com/plannaplan/security/WebSecurityConfig.java
index 29850bc..25628fb 100644
--- a/restservice/src/main/java/com/plannaplan/security/WebSecurityConfig.java
+++ b/restservice/src/main/java/com/plannaplan/security/WebSecurityConfig.java
@@ -2,7 +2,6 @@ package com.plannaplan.security;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -37,7 +36,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     public void configure(final WebSecurity webSecurity) {
-        webSecurity.ignoring().antMatchers("/token**");
+        webSecurity.ignoring().antMatchers("/token**").antMatchers("/api/v1/courses/getCourses")
+                .antMatchers("/api/v1/groups/getCourseGroups").antMatchers("/api/v1/courses/getCoursesWithGroups");
     }
 
     @Override
@@ -46,15 +46,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().exceptionHandling().and()
                 .authenticationProvider(provider)
                 .addFilterBefore(authenticationFilter(), AnonymousAuthenticationFilter.class).authorizeRequests()
-                .antMatchers(HttpMethod.GET, "/token**").permitAll().anyRequest().authenticated();
+                .anyRequest().authenticated();
 
     }
 
-    @Bean
     AuthenticationFilter authenticationFilter() throws Exception {
         final AuthenticationFilter filter = new AuthenticationFilter(PROTECTED_URLS);
         filter.setAuthenticationManager(authenticationManager());
-        // filter.setAuthenticationSuccessHandler(successHandler());
         return filter;
     }