diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2664f9c422132b28d836191aa3a192e261193a08..8c885e5f20a36122d78150dcd6341ce2b2a80e6f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -30,5 +30,5 @@ test-backend:
     DJANGO_SETTINGS_MODULE: "metagenedb.settings-gitlab-ci"
   script:
     - flake8 --max-line-length 120
-    - pytest --cov . 2>&1 pytest_tmp.out
-    - pytest --cov scripts/ --cov-append
+    - coverage run --source='.' scripts/manage.py test metagenedb/tests
+    - coverage report
diff --git a/backend/metagenedb/apps/accounts/__init__.py b/backend/metagenedb/apps/accounts/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/backend/metagenedb/apps/accounts/apps.py b/backend/metagenedb/apps/accounts/apps.py
new file mode 100644
index 0000000000000000000000000000000000000000..9b3fc5a44939430bfb326ca9a33f80e99b06b5be
--- /dev/null
+++ b/backend/metagenedb/apps/accounts/apps.py
@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class AccountsConfig(AppConfig):
+    name = 'accounts'
diff --git a/backend/metagenedb/apps/accounts/migrations/__init__.py b/backend/metagenedb/apps/accounts/migrations/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/backend/metagenedb/apps/accounts/urls.py b/backend/metagenedb/apps/accounts/urls.py
new file mode 100644
index 0000000000000000000000000000000000000000..4d63e5a45884332dd200b2c7e5ff49c76ac3afde
--- /dev/null
+++ b/backend/metagenedb/apps/accounts/urls.py
@@ -0,0 +1,25 @@
+from django.urls import re_path
+from rest_framework_jwt.views import (
+    obtain_jwt_token,
+    refresh_jwt_token,
+    verify_jwt_token,
+)
+
+
+urlpatterns = [
+    re_path(
+        r'^auth/obtain_token/',
+        obtain_jwt_token,
+        name='api-jwt-auth'
+    ),
+    re_path(
+        r'^auth/refresh_token/',
+        refresh_jwt_token,
+        name='api-jwt-refresh'
+    ),
+    re_path(
+        r'^auth/verify_token/',
+        verify_jwt_token,
+        name='api-jwt-verify'
+    ),
+]
diff --git a/backend/metagenedb/settings/django.py b/backend/metagenedb/settings/django.py
index 60e4ae3d1a3848a7ef06f432152e2660e04a6aa8..23d7982446b54eaf257dd73812e83cad203b9dc5 100644
--- a/backend/metagenedb/settings/django.py
+++ b/backend/metagenedb/settings/django.py
@@ -10,6 +10,7 @@ environ.Env.read_env(root('.env'))  # reading .env file
 
 INSTALLED_APPS = [
     'metagenedb.apps.catalog',
+    'metagenedb.apps.accounts',
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
@@ -93,6 +94,20 @@ CORS_ORIGIN_WHITELIST = (
 )
 
 
+# Rest framework
+
+REST_FRAMEWORK = {
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+    ),
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.BasicAuthentication',
+    ),
+}
+
+
 # Config by .env file
 
 DEBUG = env.bool('DEBUG', default=False)
diff --git a/backend/metagenedb/tests/__init__.py b/backend/metagenedb/tests/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/backend/metagenedb/tests/apps/__init__.py b/backend/metagenedb/tests/apps/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/backend/metagenedb/tests/apps/accounts/__init__.py b/backend/metagenedb/tests/apps/accounts/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/backend/metagenedb/tests/apps/accounts/tests.py b/backend/metagenedb/tests/apps/accounts/tests.py
new file mode 100644
index 0000000000000000000000000000000000000000..fc240e340c7e6a4ab6c286107410bfbf3d089add
--- /dev/null
+++ b/backend/metagenedb/tests/apps/accounts/tests.py
@@ -0,0 +1,28 @@
+from django.urls import reverse
+from rest_framework.test import APITestCase
+from rest_framework import status
+
+
+from django.contrib.auth.models import User
+
+
+class TestAccounts(APITestCase):
+
+    def test_obtain_jwt(self):
+
+        # create an inactive user
+        url = reverse('api-jwt-auth')
+        u = User.objects.create_user(username='user', email='user@foo.com', password='pass')
+        u.is_active = False
+        u.save()
+
+        # authenticate with username and password
+        resp = self.client.post(url, {'email': 'user@foo.com', 'password': 'pass'}, format='json')
+        self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)
+
+        # set the user to activate and attempt to get a token from login
+        u.is_active = True
+        u.save()
+        resp = self.client.post(url, {'username': 'user', 'password': 'pass'}, format='json')
+        self.assertEqual(resp.status_code, status.HTTP_200_OK)
+        self.assertTrue('token' in resp.data)
diff --git a/backend/metagenedb/tests/test_user.py b/backend/metagenedb/tests/test_user.py
deleted file mode 100644
index 272cf7d3916fe24c9e5271263acfadc1953b4a9e..0000000000000000000000000000000000000000
--- a/backend/metagenedb/tests/test_user.py
+++ /dev/null
@@ -1,14 +0,0 @@
-from django.contrib.auth.models import User
-from django.test import TestCase
-
-
-class TestDatabase(TestCase):
-    def test_create_user(self):
-        user = User.objects.create_user(
-            username='user',
-            email='user@foo.com',
-            password='pass'
-        )
-        user.save()
-        user_count = User.objects.all().count()
-        self.assertEqual(user_count, 1)
diff --git a/backend/metagenedb/urls.py b/backend/metagenedb/urls.py
index be868ef3b1183bdc9ea4ed12de35d51e58b79ae8..88c0e520fa4a730653da959c13db526aa86c4341 100644
--- a/backend/metagenedb/urls.py
+++ b/backend/metagenedb/urls.py
@@ -18,6 +18,7 @@ from django.urls import include, path
 
 
 urlpatterns = [
+    path('', include('metagenedb.apps.accounts.urls')),
     path('admin/', admin.site.urls),
     path('catalog/', include('metagenedb.apps.catalog.urls'))
 ]
diff --git a/backend/pytest.ini b/backend/pytest.ini
index f1501096465f6d57d207ed3dbc900ad4e6569476..64eee8aaf1fa5346d89703076ce4920f7c04f481 100644
--- a/backend/pytest.ini
+++ b/backend/pytest.ini
@@ -1,3 +1,3 @@
 [pytest]
-DJANGO_SETTINGS_MODULE = backend.settings
+DJANGO_SETTINGS_MODULE = metagenedb.settings
 python_files = tests.py test_*.py *_tests.py
\ No newline at end of file
diff --git a/backend/requirements.txt b/backend/requirements.txt
index f3042d77074a7e8aff8a2b069aaa1976cb2ba3be..1ab39b2b3ab6d0faa1ca24f421621d092e9861cc 100644
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -2,8 +2,11 @@ Django==2.2.1
 django-cors-headers==3.0.2
 django-environ==0.4.5
 django-extensions==2.1.7
+django-filter==2.1.0
 djangorestframework==3.9.4
+djangorestframework-jwt==1.11.0
 psycopg2==2.8.2
+PyJWT==1.7.1
 pytz==2019.1
 six==1.12.0
 sqlparse==0.3.0
diff --git a/backend/requirements_dev.txt b/backend/requirements_dev.txt
index dcd9565a63b40cfeeec566d1d1048c04a883223d..5e56a93721a88b4246815297e4a931470d446324 100644
--- a/backend/requirements_dev.txt
+++ b/backend/requirements_dev.txt
@@ -20,7 +20,6 @@ pyflakes==2.1.1
 pyparsing==2.4.0
 pytest==4.6.3
 pytest-cov==2.7.1
-pytest-django==3.5.0
 pytz==2019.1
 six==1.12.0
 sqlparse==0.3.0