diff --git a/bin/web/auth/routes/api.js b/bin/web/auth/routes/api.js
index c8f6cd5..5dbaa7c 100644
--- a/bin/web/auth/routes/api.js
+++ b/bin/web/auth/routes/api.js
@@ -1,18 +1,35 @@
 var express = require('express');
 var route = express.Router();
 
+const cfg = require(global['__dirname']+'/bin/config');
+const sso = require(global['__dirname']+'/bin/sso/module');
+
 route.get('/login', (req, res) => {
 	// TODO: login
-	let a = global['modules'].sso.createAuthentication({
-		url: global['gds'].cfg.sso.authenticator,
-		appId: global['gds'].cfg.sso.appId
+	let a = sso.createAuthentication({
+		url: cfg.sso.authenticator,
+		appId: cfg.sso.appId
 	});
 	res.redirect(a);
 });
 
-route.get('/authenticate', (req, res) => {
-	// TODO: authenticate
-	res.end();
+route.get('/authenticate', async (req, res) => {
+	if(req.query && req.query.uid && req.query.token) {
+		let auth = await sso.authenticateUser({
+			userId: req.query.uid,
+			token: req.query.token,
+			appId: cfg.sso.appId,
+			appSecret: cfg.sso.appSecret
+		});
+		if(auth) {
+			req.session.user = {
+				ssoId: req.query.uid,
+				initializeUser: true
+			};
+			return res.redirect(cfg.web.rootUrl);
+		}
+		else return res.redirect(cfg.web.rootUrl + 'auth/login');
+	}
 });
 
 route.get('/logout', (req, res) => {
@@ -31,7 +48,7 @@ route.get('/logout', (req, res) => {
 	}
 });
 
-if(global['gds'].debug) {
+if(global['debug']) {
 	// DEBUG info
 	route.get('/info', (req, res) => {
 		let obj = {};