diff --git a/main.go b/main.go
index 54daa0d..13657f5 100644
--- a/main.go
+++ b/main.go
@@ -30,9 +30,9 @@ func run() error {
 
 	http.HandleFunc("/", srv.serveHTTP)
 
-	port := 8080
+	port := 8090
 	log.Printf("servering http port %v", port)
-	err = http.ListenAndServe(":8080", nil)
+	err = http.ListenAndServe(":8090", nil)
 	if err != nil {
 		return err
 	}
diff --git a/routes.auth.go b/routes.auth.go
index eb2af41..0df506d 100644
--- a/routes.auth.go
+++ b/routes.auth.go
@@ -40,6 +40,7 @@ type Claims struct {
 	Sub          string   `json:"sub"`
 	IDEntreprise string   `json:"idEntreprise"`
 	RcaPartnerID string   `json:"rcaPartnerId"`
+	Scopes       []string `json:"scopes"`
 	Roles        []string `json:"roles"`
 	jwt.StandardClaims
 }
@@ -68,32 +69,36 @@ func (s *server) handleLocal() http.HandlerFunc {
 		sub := r.FormValue("sub")
 		idEntreprise := r.FormValue("id_entreprise")
 		rcaPartnerID := r.FormValue("rcaPartnerId")
-		var jwtKey = []byte(r.FormValue("secret"))
+		jwtKey := r.FormValue("secret")
+		scopes := r.FormValue("scopes")
+		roles := r.FormValue("roles")
+
+		var sc []string
+		sc = append(sc, scopes)
+
+		rs := strings.Fields(roles)
 
 		// Declare the expiration time of the token
 		// here, we have kept it as 5 minutes
 		expirationTime := time.Now().Add(5 * time.Hour)
-		roles := []string{"RCA_CLOUD_EXPERT_COMPTABLE",
-			"E_COLLECTE_BO_CREA",
-			"E_CREATION_CREA",
-			"E_QUESTIONNAIRE_CREA"}
 		// Create the JWT claims, which includes the username and expiry time
 		claims := &Claims{
 			Sub:          sub,
 			IDEntreprise: idEntreprise,
 			RcaPartnerID: rcaPartnerID,
-			Roles:        roles,
+			Roles:        rs,
+			Scopes:       sc,
 			StandardClaims: jwt.StandardClaims{
 				// In JWT, the expiry time is expressed as unix milliseconds
 				ExpiresAt: expirationTime.Unix(),
 			},
 		}
 
+		secretBase64, err := jwt.DecodeSegment(jwtKey)
 		// Declare the token with the algorithm used for signing, and the claims
-		ts := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-
+		ts := jwt.NewWithClaims(jwt.SigningMethodHS512, claims)
+		at, err := ts.SignedString(secretBase64)
 		// Create the JWT string
-		at, err := ts.SignedString(jwtKey)
 		if err != nil {
 			log.Printf("erreur %v", err)
 			// If there is an error in creating the JWT return an internal server error
@@ -116,7 +121,7 @@ func (s *server) handleLocal() http.HandlerFunc {
 
 		monID := strconv.Itoa(int(o.ID))
 		// Puis redisrect vers page resultat
-		rj := "http://localhost:8080/jwt?model=" + monID
+		rj := "http://localhost:8090/jwt?model=" + monID
 		http.Redirect(rw, r, rj, http.StatusMovedPermanently)
 
 	}
@@ -163,8 +168,8 @@ func (s *server) handleOAuth20() http.HandlerFunc {
 		rhttp := "https://" + d + "/entreprise-partenaire/authorize?client_id=" + ci +
 			"&scope=" + sc +
 			"&current_company=" + cc +
-			"&redirect_uri=http://localhost:8080/oauth/redirect%3Fstate=" + st +
-			"&abort_uri=http://localhost:8080/index"
+			"&redirect_uri=http://localhost:8090/oauth/redirect%3Fstate=" + st +
+			"&abort_uri=http://localhost:8090/index"
 		http.Redirect(rw, r, rhttp, http.StatusMovedPermanently)
 
 	}
@@ -239,7 +244,7 @@ func (s *server) handleRedirect() http.HandlerFunc {
 
 		monID := strconv.Itoa(int(o.ID))
 		// Puis redisrect vers page resultat
-		rj := "http://localhost:8080/jwt?model=" + monID
+		rj := "http://localhost:8090/jwt?model=" + monID
 		http.Redirect(rw, r, rj, http.StatusMovedPermanently)
 	}
 }
@@ -300,7 +305,7 @@ func constJSONToken(code, state string, param *model.Param) JSONToken {
 		ClientID:     param.ClientID,
 		ClientSecret: param.ClientSecret,
 		GrantType:    param.GrantType,
-		RedirectURI:  "http://localhost:8080/oauth/redirect%3Fstate=" + state,
+		RedirectURI:  "http://localhost:8090/oauth/redirect%3Fstate=" + state,
 		Code:         code,
 	}
 }
diff --git a/templateOAuth/index.go b/templateOAuth/index.go
index 22d8d91..82f4cf3 100644
--- a/templateOAuth/index.go
+++ b/templateOAuth/index.go
@@ -16,64 +16,12 @@ var TemplateIndex = `<!DOCTYPE html>
     <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
 
     <script>
-
-        function base64url(source) {
-            // Encode in classical base64
-            encodedSource = CryptoJS.enc.Base64.stringify(source);
-
-            // Remove padding equal characters
-            encodedSource = encodedSource.replace(/=+$/, '');
-
-            // Replace characters according to base64url specifications
-            encodedSource = encodedSource.replace(/\+/g, '-');
-            encodedSource = encodedSource.replace(/\//g, '_');
-
-            return encodedSource;
-        }
-
         function generateToken(form) {
             var form = document.getElementById(form);
 
             form.submit();
-
-            //window.location = 'https://captation.beta.rca.fr/entreprise-partenaire/authorize?client_id=meg-test-interne&scope=user.read company.read accounting_firm.read sales&current_company=true&redirect_uri=http://localhost:8080/oauth/redirect'
         }
 
-        function generate() {
-            var header = {
-                "alg": "HS512"
-            };
-
-            var data = {
-                "sub": document.getElementById('sub').value,
-                "exp": Math.floor(Date.now() / 1000) + 6 * 30 * 24 * 3600,
-                "roles": [
-                    "RCA_CLOUD_EXPERT_COMPTABLE",
-                    "E_COLLECTE_BO_CREA",
-                    "E_CREATION_CREA",
-                    "E_QUESTIONNAIRE_CREA"
-                ],
-                "id_entreprise": document.getElementById('id_entreprise').value,
-                "rcaPartnerId": document.getElementById('rcaPartnerId').value
-            };
-
-            var secret = document.getElementById('secret').value;
-            secret = CryptoJS.enc.Base64.parse(secret);
-
-            var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header));
-            var encodedHeader = base64url(stringifiedHeader);
-
-            var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data));
-            var encodedData = base64url(stringifiedData);
-
-            var signature = encodedHeader + "." + encodedData;
-            signature = CryptoJS.HmacSHA512(signature, secret);
-            signature = base64url(signature);
-
-            document.getElementById('jwt').value = encodedHeader + "." + encodedData + "." + signature;
-            M.updateTextFields();
-            M.textareaAutoResize(document.getElementById('jwt'));
-        }
     </script>
 </head>
 
@@ -87,21 +35,35 @@ var TemplateIndex = `<!DOCTYPE html>
                 <div class="row">
                     <div class="input-field col s12">
                         <i class="material-icons prefix">account_circle</i>
-                        <input type="text" id="sub" name="sub" value="mbola.randriamamonjisoa+ec@rca.fr">
+                        <input type="text" id="sub" name="sub" value="localhost+ec@rca.fr">
                         <label for="name">Subject :</label>
                     </div>
                 </div>
                 <div class="row">
                     <div class="input-field col s12">
                         <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="id_entreprise" name="id_entreprise" value="85422">
+                        <input type="text" id="id_entreprise" name="id_entreprise" value="1">
                         <label for="name">Id entreprise :</label>
                     </div>
                 </div>
+                <div class="row">
+                    <div class="input-field col s12">
+                        <i class="material-icons prefix">fiber_pin</i>
+                        <input type="text" id="scopes" name="scopes" value="purchase">
+                        <label for="name">Scopes :</label>
+                    </div>
+                </div>
+                <div class="row">
+                    <div class="input-field col s12">
+                        <i class="material-icons prefix">fiber_pin</i>
+                        <input type="text" id="roles" name="roles" value="RCA_CLOUD_EXPERT_COMPTABLE E_COLLECTE_BO_CREA E_CREATION_CREA E_QUESTIONNAIRE_CREA">
+                        <label for="name">Roles :</label>
+                    </div>
+                </div>
                 <div class="row">
                     <div class="input-field col s12">
                         <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="rcaPartnerId" name="rcaPartnerId" value="agora-expert">
+                        <input type="text" id="rcaPartnerId" name="rcaPartnerId" value="meg-test-interne">
                         <label for="name" >ID partenaire RCA :</label>
                     </div>
                 </div>
diff --git a/templateOAuth/jwt.html b/templateOAuth/jwt.html
deleted file mode 100644
index 24e2063..0000000
--- a/templateOAuth/jwt.html
+++ /dev/null
@@ -1,166 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
-    <title>RCA JWT API</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-
-    <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
-
-    <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha512.js"></script>
-    <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
-
-    <script>
-
-        function base64url(source) {
-            // Encode in classical base64
-            encodedSource = CryptoJS.enc.Base64.stringify(source);
-
-            // Remove padding equal characters
-            encodedSource = encodedSource.replace(/=+$/, '');
-
-            // Replace characters according to base64url specifications
-            encodedSource = encodedSource.replace(/\+/g, '-');
-            encodedSource = encodedSource.replace(/\//g, '_');
-
-            return encodedSource;
-        }
-
-        function generateToken(form) {
-            var form = document.getElementById(form);
-
-            form.submit();
-
-            //window.location = 'https://captation.beta.rca.fr/entreprise-partenaire/authorize?client_id=meg-test-interne&scope=user.read company.read accounting_firm.read sales&current_company=true&redirect_uri=http://localhost:8080/oauth/redirect'
-        }
-
-        function generate() {
-            var header = {
-                "alg": "HS512"
-            };
-
-            var data = {
-                "sub": document.getElementById('sub').value,
-                "exp": Math.floor(Date.now() / 1000) + 6 * 30 * 24 * 3600,
-                "roles": [
-                    "RCA_CLOUD_EXPERT_COMPTABLE",
-                    "E_COLLECTE_BO_CREA",
-                    "E_CREATION_CREA",
-                    "E_QUESTIONNAIRE_CREA"
-                ],
-                "id_entreprise": document.getElementById('id_entreprise').value,
-                "rcaPartnerId": document.getElementById('rcaPartnerId').value
-            };
-
-            var secret = document.getElementById('secret').value;
-            secret = CryptoJS.enc.Base64.parse(secret);
-
-            var stringifiedHeader = CryptoJS.enc.Utf8.parse(JSON.stringify(header));
-            var encodedHeader = base64url(stringifiedHeader);
-
-            var stringifiedData = CryptoJS.enc.Utf8.parse(JSON.stringify(data));
-            var encodedData = base64url(stringifiedData);
-
-            var signature = encodedHeader + "." + encodedData;
-            signature = CryptoJS.HmacSHA512(signature, secret);
-            signature = base64url(signature);
-
-            document.getElementById('jwt').value = encodedHeader + "." + encodedData + "." + signature;
-            M.updateTextFields();
-            M.textareaAutoResize(document.getElementById('jwt'));
-        }
-    </script>
-</head>
-
-<body>
-    <div>
-        <h1 class="center-align">JWT</h1>
-      </div>
-    <div class="container">
-        <div class="row">
-            <form class="col s6 light-blue lighten-5" id="formLocal" method="post" action="/local">
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_circle</i>
-                        <input type="text" id="sub" name="sub" value="mbola.randriamamonjisoa+ec@rca.fr">
-                        <label for="name">Subject :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="id_entreprise" name="id_entreprise" value="85422">
-                        <label for="name">Id entreprise :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="rcaPartnerId" name="rcaPartnerId" value="agora-expert">
-                        <label for="name" >ID partenaire RCA :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">fiber_pin</i>
-                        <input type="text" id="secret" name="secret" value="XXXXXXX">
-                        <label for="name">Secret :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <a class="waves-effect waves-light btn" onclick="generateToken('formLocal');"><i
-                            class="material-icons left">cloud</i>Local</a>
-                </div>
-            </form>
-        
-            <form class="col s6 light-green lighten-5" id="formOAtuh20" method="post" action="/oauth20">
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="domain" name="domain" value="captation.beta.rca.fr">
-                        <label for="name">Domaine :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="clientId" name="clientId" value="meg-test-interne">
-                        <label for="name">Client Id :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="clientSecret" name="clientSecret" value="xxxxxxxx">
-                        <label for="name">Client Secret :</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="input-field col s12">
-                        <i class="material-icons prefix">account_balance</i>
-                        <input type="text" id="scopes" name="scopes" value="user">
-                        <label for="name">Scopes</label>
-                    </div>
-                </div>
-                <div class="row">
-                    <div class="checkbox col s12">
-                        <label>
-                            <input type="checkbox" id="currentCompany" name="currentCompany" checked="checked" />
-                            <span>Company courante</span>
-                        </label>
-                    </div>
-                </div>
-                <div class="row">
-                    <a class="waves-effect waves-light btn" onclick="generateToken('formOAtuh20');"><i
-                            class="material-icons left">cloud</i>OAuth2.0</a>
-                </div>
-            </form>
-        </div>
-
-    </div>
-
-</body>
-
-</html>
\ No newline at end of file
diff --git a/templateOAuth/resultat.go b/templateOAuth/resultat.go
index 901b2e1..cac371a 100644
--- a/templateOAuth/resultat.go
+++ b/templateOAuth/resultat.go
@@ -27,10 +27,10 @@ var Resultat = `<!DOCTYPE html>
         <h1 class="center-align">Composition</h1>
     </div>
     <div class="container">
-        <a class="waves-effect waves-light btn" onclick="copy('{{.JwtProduce }}');" >
+        <a class="waves-effect waves-light btn tooltipped" data-tooltip="Copy" onclick="copy('{{.JwtProduce }}');" >
                 <i class="material-icons center">content_copy</i>
         </a>
-        <a class="waves-effect waves-light btn" onclick="copy('{{.JwtProduce }}');" >
+        <a class="waves-effect waves-light btn tooltipped" data-tooltip="Refresh" onclick="copy('{{.JwtProduce }}');" >
                 <i class="material-icons left bottom">refresh</i>Refresh Token
         </a>
         <div class="row">
@@ -73,7 +73,11 @@ var Resultat = `<!DOCTYPE html>
     document.addEventListener('DOMContentLoaded', function () {
         var elems = document.querySelectorAll('.collapsible');
         var instances = M.Collapsible.init(elems, {});
+
+        var elemsTt = document.querySelectorAll('.tooltipped');
+        var instancesTt = M.Tooltip.init(elemsTt, {});
     });
+
 </script>
 
 </html>`
diff --git a/templateOAuth/resultat.html b/templateOAuth/resultat.html
deleted file mode 100644
index 4250799..0000000
--- a/templateOAuth/resultat.html
+++ /dev/null
@@ -1,69 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <title>RCA JWT API</title>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
-    <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
-
-    <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha512.js"></script>
-    <script src="http://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js"></script>
-
-</head>
-
-<body>
-    <div>
-        <h1 class="center-align">Composition</h1>
-    </div>
-    <div class="container">
-        <div class="row">
-            <a class="waves-effect waves-light btn" onClick="{() => {navigator.clipboard.writeText(`{{.JwtProduce }}`)}}" >
-                <i class="material-icons left">content_copy</i>
-            </a>
-            <div class="light-blue lighten-5 col s5">
-                <span style="width:300px; word-wrap:break-word; display:inline-block;">
-                    {{.JwtProduce }}
-                </span>
-            </div>
-            <div class="col s7">
-
-                <ul class="collapsible collapsible-accordion">
-                    <li>
-                        <div class="collapsible-header"><i class="material-icons">filter_drama</i>header</div>
-                        <div class="collapsible-body" ><pre id="header"></pre></div>
-                    </li>
-                    <li class="active">
-                        <div class="collapsible-header"><i class="material-icons">place</i>payload</div>
-                        <div class="collapsible-body"><pre id="payload"></pre></div>
-                    </li>
-                    <li>
-                        <div class="collapsible-header"><i class="material-icons">whatshot</i>signature</div>
-                        <div class="collapsible-body"><span>Lorem ipsum dolor sit amet.</span></div>
-                    </li>
-                </ul>
-            </div>
-        </div>
-    </div>
-</body>
-
-<script>
-   
-
-    let headerGO = JSON.parse('{{.Header}}')
-    let payloadGo = JSON.parse('{{.Payload}}')
-    var headerJson = JSON.stringify(headerGO, null, 4)
-    var payloadJson = JSON.stringify(payloadGo, null, 4)
-    document.getElementById("header").innerHTML = "<pre>" + headerJson + "</pre>"
-    document.getElementById("payload").innerHTML = "<pre>" + payloadJson + "</pre>"
-
-    document.addEventListener('DOMContentLoaded', function () {
-        var elems = document.querySelectorAll('.collapsible');
-        var instances = M.Collapsible.init(elems, {});
-    });
-</script>
-
-</html>
\ No newline at end of file
