diff --git a/src/app/api/super-admin/UsersController.ts b/src/app/api/super-admin/UsersController.ts
index 5231ccc1..e25bd351 100644
--- a/src/app/api/super-admin/UsersController.ts
+++ b/src/app/api/super-admin/UsersController.ts
@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { validateOrReject } from "class-validator";
 import User from "le-coffre-resources/dist/Notary";
 import { Users } from "@prisma/client";
+import authHandler from "@App/middlewares/AuthHandler";
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class UsersController extends ApiController {
 /**
 * @description Get all users
 */
- @Get("/api/v1/super-admin/users")
+ @Get("/api/v1/super-admin/users", [authHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -40,7 +41,7 @@ export default class UsersController extends ApiController {
 /**
 * @description Create a new user
 */
- @Post("/api/v1/super-admin/users")
+ @Post("/api/v1/super-admin/users", [authHandler])
 protected async getAddresses(req: Request, response: Response) {
 try {
 //init IUser resource with request body values
diff --git a/src/app/middlewares/AuthHandler.ts b/src/app/middlewares/AuthHandler.ts
new file mode 100644
index 00000000..f2bf8cb7
--- /dev/null
+++ b/src/app/middlewares/AuthHandler.ts
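Review bot: The two super-admin routes, `@Get("/api/v1/super-admin/users", [authHandler])` and the `@Post` on the same path in the following hunk, are gated by token verification only; nothing visible in these hunks checks that the caller holds a super-admin role. As far as the AuthHandler added in this commit shows, any holder of a valid access token would pass, so unless a role check exists elsewhere these endpoints need an authorization step, for example a role-checking middleware placed after `authHandler` in the array that answers 403 for other users. Separately, the POST handler is still named `getAddresses` although its doc comment says it creates a user, and a name that matches the action would make the route table easier to audit. Both method bodies continue outside the hunks.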
@@ -0,0 +1,20 @@
+import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
+import AuthService from "@Services/private-services/AuthService/AuthService";
+import { NextFunction, Request, Response } from "express";
+import Container from "typedi";
+
+export default function authHandler(req: Request, response: Response, next: NextFunction) {
+ const authHeader = req.headers['authorization'];
+ const token = authHeader && authHeader.split(' ')[1];
+
+ if (!token) return response.sendStatus(HttpCodes.UNAUTHORIZED)
+
+ const authService = Container.get(AuthService);
+ authService.verifyAccessToken(token, (err, userPayload) => {
+ if (err) return response.sendStatus(HttpCodes.UNAUTHORIZED);
+ req.body.user = userPayload;
+ return;
+ })
+ return next();
+}
+
diff --git a/src/services/private-services/AuthService/AuthService.ts b/src/services/private-services/AuthService/AuthService.ts
index e156a052..d8a0cf54 100644
--- a/src/services/private-services/AuthService/AuthService.ts
+++ b/src/services/private-services/AuthService/AuthService.ts
@@ -3,7 +3,6 @@ import BaseService from "@Services/BaseService";
 import "reflect-metadata";
 import { BackendVariables } from "@Common/config/variables/Variables";
 import { Service } from "typedi";
-//import User from "le-coffre-resources/dist/Notary";
 type IdNotTokens = {
 access_token: string;
@@ -12,7 +11,8 @@ type IdNotTokens = {
 @Service()
 export default class AuthService extends BaseService {
- private constructor(protected variables: BackendVariables) {
+
+ constructor(protected variables: BackendVariables) {
 super();
 }
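Review bot: The trailing `return next();` in `authHandler` runs unconditionally, so the route handler is invoked even when `verifyAccessToken` reports an error: if the callback fires synchronously the 401 is sent and the controller still executes, and if it fires later the controller has already run before the token was checked. Call `next()` only on the success path by changing the callback's `return;` to `return next();` and deleting the trailing `return next();`. The header parsing also accepts any scheme, because `authHeader.split(' ')[1]` never checks that the first part is `Bearer`. Finally, `req.body.user = userPayload` stores the verified identity inside client-supplied data (and would throw if `req.body` is undefined); `response.locals.user = userPayload` keeps it apart from request input, which matters for the POST handler that builds a user from the request body.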