diff --git a/src/main/java/fr/eni/demo/controller/ClientController.java b/src/main/java/fr/eni/demo/controller/ClientController.java
index 9d364d0..7c9d75d 100644
--- a/src/main/java/fr/eni/demo/controller/ClientController.java
+++ b/src/main/java/fr/eni/demo/controller/ClientController.java
@@ -61,7 +61,7 @@ public class ClientController {
 return ResponseEntity.ok(response);
 }
- @DeleteMapping("/{id]")
+ @DeleteMapping("/{id}")
 public ResponseEntity> delete(@PathVariable Long id) {
 clientService.delete(id);
 Map response = new HashMap<>();
diff --git a/src/main/java/fr/eni/demo/security/SecurityConfig.java b/src/main/java/fr/eni/demo/security/SecurityConfig.java
index c0b3ec8..f9eefe1 100644
--- a/src/main/java/fr/eni/demo/security/SecurityConfig.java
+++ b/src/main/java/fr/eni/demo/security/SecurityConfig.java
@@ -4,10 +4,10 @@ import fr.eni.demo.bll.JwtService;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -15,6 +15,7 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 @Configuration
 @EnableWebSecurity
@@ -27,14 +28,17 @@ public class SecurityConfig {
 }
 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ public SecurityFilterChain filterChain(HttpSecurity http, UserDetailsService userDetailsService) throws Exception {
+
+ JwtAuthFilter jwtFilter = new JwtAuthFilter(jwtService, userDetailsService);
+
+
 http
 .authorizeHttpRequests(auth -> auth
- .requestMatchers("/api/auth").permitAll()
- .requestMatchers("/api/**").hasAnyRole("USER")
- .anyRequest().denyAll()
+ .requestMatchers("/auth/**").permitAll()
+ .anyRequest().authenticated()
 )
- .formLogin(Customizer.withDefaults());
+ .sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
 return http.build();
 }
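Review bot: The rewritten `authorizeHttpRequests` block in `filterChain` drops both the role check and the deny-by-default rule: `.anyRequest().authenticated()` replaces `.requestMatchers("/api/**").hasAnyRole("USER")` and `.anyRequest().denyAll()`, so any authenticated principal can reach every mapped endpoint, including the `@DeleteMapping("/{id}")` handler touched in ClientController. If that widening is not intended, keep an explicit role rule and a closing deny, for example `.requestMatchers("/api/**").hasRole("USER")` followed by `.anyRequest().denyAll()`, with the prefix adjusted to wherever the controllers are mounted (not visible in this diff). The chain also leaves CSRF protection at its default while removing form login and making sessions stateless, so state-changing requests that carry no CSRF token, including a POST under `/auth/**`, will presumably be rejected with 403; if the JWT travels only in the `Authorization` header and never in a cookie, `.csrf(csrf -> csrf.disable())` is the usual setting and deserves a comment saying why it is safe here. Note as well that `/auth/**` is wider than the old `/api/auth`, so anything later added under that prefix becomes public.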