diff --git a/frontend/.env.example b/frontend/.env.example
index 6c0cc52..c4a2e65 100644
--- a/frontend/.env.example
+++ b/frontend/.env.example
@@ -1,3 +1,5 @@
 REACT_APP_API_BASE_URL=http://localhost:8000
 REACT_APP_WEB_SOCKET_BASE_URL=ws://127.0.0.1:8000
 REACT_APP_RECAPTCHA_SITEKEY=
+IDENTITY_SERVER_URL=https://localhost:9443/
+CLIENT_ID=zaD9TmFtlFCVWkH4ny9uE6IVpQYa
\ No newline at end of file
diff --git a/frontend/package.json b/frontend/package.json
index ebadc0d..e88e94e 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -7,8 +7,10 @@
     "@material-ui/core": "^3.9.2",
     "@material-ui/icons": "^3.0.2",
     "@material-ui/lab": "^3.0.0-alpha.30",
+    "await-semaphore": "^0.1.3",
     "axios": "^0.18.1",
     "blueimp-md5": "^2.12.0",
+    "crypto-js": "^4.0.0",
     "draft-js": "^0.11.1",
     "draft-js-image-plugin": "^2.0.7",
     "draft-js-plugins-editor": "^2.1.1",
@@ -16,6 +18,7 @@
     "filepond": "^4.7.2",
     "filepond-plugin-file-validate-size": "^2.2.0",
     "formik": "^1.5.8",
+    "history": "^4.10.1",
     "immer": "^2.1.4",
     "immutable": "^4.0.0-rc.12",
     "material-table": "1.35.0",
diff --git a/frontend/src/authentication/auth-module/actions/crypto.d.ts b/frontend/src/authentication/auth-module/actions/crypto.d.ts
new file mode 100644
index 0000000..8403524
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/crypto.d.ts
@@ -0,0 +1,69 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/// <reference types="crypto-js" />
+import { JWKInterface } from "../models/crypto";
+/**
+ * Generate email hash.
+ *
+ * @returns {string} hashed email address.
+ */
+export declare const getEmailHash: (emailAddress: string) => import("crypto-js").WordArray;
+/**
+ * Get URL encoded string.
+ *
+ * @param {CryptoJS.WordArray} value.
+ * @returns {string} base 64 url encoded value.
+ */
+export declare const base64URLEncode: (value: import("crypto-js").WordArray) => string;
+/**
+ * Generate code verifier.
+ *
+ * @returns {string} code verifier.
+ */
+export declare const getCodeVerifier: () => string;
+/**
+ * Derive code challenge from the code verifier.
+ *
+ * @param {string} verifier.
+ * @returns {string} code challenge.
+ */
+export declare const getCodeChallenge: (verifier: string) => string;
+/**
+ * Get the supported signing algorithms for the id_token.
+ *
+ * @returns {string[]} array of supported algorithms.
+ */
+export declare const getSupportedSignatureAlgorithms: () => string[];
+/**
+ * Get JWK used for the id_token
+ *
+ * @param {string} jwtHeader header of the id_token.
+ * @param {JWKInterface[]} keys jwks response.
+ * @returns {any} public key.
+ */
+export declare const getJWKForTheIdToken: (jwtHeader: string, keys: JWKInterface[]) => any;
+/**
+ * Verify id token.
+ *
+ * @param idToken id_token received from the IdP.
+ * @param jwk public key used for signing.
+ * @param {string} clientID app identification.
+ * @param {string} issuer id_token issuer.
+ * @returns {any} whether the id_token is valid.
+ */
+export declare const isValidIdToken: (idToken: any, jwk: any, clientID: string, issuer: string) => any;
diff --git a/frontend/src/authentication/auth-module/actions/crypto.js b/frontend/src/authentication/auth-module/actions/crypto.js
new file mode 100644
index 0000000..cd29a7a
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/crypto.js
@@ -0,0 +1,104 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import Base64 from "crypto-js/enc-base64";
+import WordArray from "crypto-js/lib-typedarrays";
+import MD5 from "crypto-js/md5";
+import sha256 from "crypto-js/sha256";
+import { KEYUTIL, KJUR } from "jsrsasign";
+/**
+ * Generate email hash.
+ *
+ * @returns {string} hashed email address.
+ */
+export const getEmailHash = (emailAddress) => {
+    return emailAddress ? MD5((emailAddress).trim()) : null;
+};
+/**
+ * Get URL encoded string.
+ *
+ * @param {CryptoJS.WordArray} value.
+ * @returns {string} base 64 url encoded value.
+ */
+export const base64URLEncode = (value) => {
+    return Base64.stringify(value)
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=/g, "");
+};
+/**
+ * Generate code verifier.
+ *
+ * @returns {string} code verifier.
+ */
+export const getCodeVerifier = () => {
+    return base64URLEncode(WordArray.random(32));
+};
+/**
+ * Derive code challenge from the code verifier.
+ *
+ * @param {string} verifier.
+ * @returns {string} code challenge.
+ */
+export const getCodeChallenge = (verifier) => {
+    return base64URLEncode(sha256(verifier));
+};
+/**
+ * Get the supported signing algorithms for the id_token.
+ *
+ * @returns {string[]} array of supported algorithms.
+ */
+export const getSupportedSignatureAlgorithms = () => {
+    return ["RS256", "RS512", "RS384", "PS256"];
+};
+/**
+ * Get JWK used for the id_token
+ *
+ * @param {string} jwtHeader header of the id_token.
+ * @param {JWKInterface[]} keys jwks response.
+ * @returns {any} public key.
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+export const getJWKForTheIdToken = (jwtHeader, keys) => {
+    const headerJSON = JSON.parse(atob(jwtHeader));
+    for (const key of keys) {
+        if (headerJSON.kid === key.kid) {
+            return KEYUTIL.getKey({ kty: key.kty, e: key.e, n: key.n });
+        }
+    }
+    throw new Error("Failed to find the 'kid' specified in the id_token. 'kid' found in the header : "
+        + headerJSON.kid + ", Expected values: " + keys.map((key) => key.kid).join(", "));
+};
+/**
+ * Verify id token.
+ *
+ * @param idToken id_token received from the IdP.
+ * @param jwk public key used for signing.
+ * @param {string} clientID app identification.
+ * @param {string} issuer id_token issuer.
+ * @returns {any} whether the id_token is valid.
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+export const isValidIdToken = (idToken, jwk, clientID, issuer) => {
+    return KJUR.jws.JWS.verifyJWT(idToken, jwk, {
+        alg: getSupportedSignatureAlgorithms(),
+        aud: clientID,
+        gracePeriod: 3600,
+        iss: [issuer]
+    });
+};
+//# sourceMappingURL=crypto.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/crypto.js.map b/frontend/src/authentication/auth-module/actions/crypto.js.map
new file mode 100644
index 0000000..d8ab0db
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/crypto.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/actions/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,MAAM,MAAM,sBAAsB,CAAC;AAC1C,OAAO,SAAS,MAAM,2BAA2B,CAAC;AAClD,OAAO,GAAG,MAAM,eAAe,CAAC;AAChC,OAAO,MAAM,MAAM,kBAAkB,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAG1C;;;;GAIG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,YAAoB,EAAsB,EAAE;IACrE,OAAO,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC5D,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,KAAyB,EAAU,EAAE;IACjE,OAAO,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC;SACzB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AAC3B,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,GAAW,EAAE;IACxC,OAAO,eAAe,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AACjD,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,QAAgB,EAAU,EAAE;IACzD,OAAO,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAG,GAAa,EAAE;IAC1D,OAAO,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AAChD,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,uDAAuD;AACvD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,SAAiB,EAAE,IAAoB,EAAa,EAAE;IACtF,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IAE/C,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;QACpB,IAAI,UAAU,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,EAAE;YAC5B,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;SAC/D;KACJ;IAED,MAAM,IAAI,KAAK,CAAC,kFAAkF;UAC5F,UAAU,CAAC,GAAG,GAAG,qBAAqB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AAC1F,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACH,uDAAuD;AACvD,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,QAAgB,EAAE,MAAc,EAAO,EAAE;IAClF,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,EAAE;QACxC,GAAG,EAAE,+BAA+B,EAAE;QACtC,GAAG,EAAE,QAAQ;QACb,WAAW,EAAE,IAAI;QACjB,GAAG,EAAE,CAAC,MAAM,CAAC;KAChB,CAAC,CAAC;AACP,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/op-config.d.ts b/frontend/src/authentication/auth-module/actions/op-config.d.ts
new file mode 100644
index 0000000..7e5acf4
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/op-config.d.ts
@@ -0,0 +1,129 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * Checks whether openid configuration initiated.
+ *
+ * @returns {boolean}
+ */
+export declare const isOPConfigInitiated: () => boolean;
+/**
+ * Set OAuth2 authorize endpoint.
+ *
+ * @param {string} authorizationEndpoint
+ */
+export declare const setAuthorizeEndpoint: (authorizationEndpoint: string) => void;
+/**
+ * Set OAuth2 token endpoint.
+ *
+ * @param {string} tokenEndpoint
+ */
+export declare const setTokenEndpoint: (tokenEndpoint: string) => void;
+/**
+ * Set OIDC end session endpoint.
+ *
+ * @param {string} endSessionEndpoint
+ */
+export declare const setEndSessionEndpoint: (endSessionEndpoint: string) => void;
+/**
+ * Set JWKS URI.
+ *
+ * @param jwksEndpoint
+ */
+export declare const setJwksUri: (jwksEndpoint: any) => void;
+/**
+ * Set OAuth2 revoke token endpoint.
+ *
+ * @param {string} revokeTokenEndpoint
+ */
+export declare const setRevokeTokenEndpoint: (revokeTokenEndpoint: string) => void;
+/**
+ * Set openid configuration initiated.
+ */
+export declare const setOPConfigInitiated: () => void;
+/**
+ * Set id_token issuer.
+ *
+ * @param issuer id_token issuer.
+ */
+export declare const setIssuer: (issuer: any) => void;
+/**
+ * Initialize openid provider configuration.
+ *
+ * @param {string} wellKnownEndpoint openid provider configuration.
+ * @param {boolean} forceInit whether to initialize the configuration again.
+ * @returns {Promise<any>} promise.
+ */
+export declare const initOPConfiguration: (wellKnownEndpoint: string, forceInit: boolean) => Promise<any>;
+/**
+ * Reset openid provider configuration.
+ */
+export declare const resetOPConfiguration: () => void;
+/**
+ * Get OAuth2 authorize endpoint.
+ *
+ * @returns {string|null}
+ */
+export declare const getAuthorizeEndpoint: () => string;
+/**
+ * Get OAuth2 token endpoint.
+ *
+ * @returns {string|null}
+ */
+export declare const getTokenEndpoint: () => string;
+/**
+ * Get OAuth2 revoke token endpoint.
+ *
+ * @returns {string|null}
+ */
+export declare const getRevokeTokenEndpoint: () => string;
+/**
+ * Get OIDC end session endpoint.
+ *
+ * @returns {string|null}
+ */
+export declare const getEndSessionEndpoint: () => string;
+/**
+ * Get JWKS URI.
+ *
+ * @returns {string|null}
+ */
+export declare const getJwksUri: () => string;
+/**
+ * Get authenticated user's username
+ *
+ * @returns {string|null}
+ */
+export declare const getUsername: () => string;
+/**
+ * Get tenant name
+ *
+ * @returns {any}
+ */
+export declare const getTenant: () => string | string[];
+/**
+ * Get id_token issuer.
+ *
+ * @returns {any}
+ */
+export declare const getIssuer: () => string;
+/**
+ * Checks whether openid configuration initiated is valid.
+ *
+ * @returns {boolean}
+ */
+export declare const isValidOPConfig: (tenant: any) => boolean;
diff --git a/frontend/src/authentication/auth-module/actions/op-config.js b/frontend/src/authentication/auth-module/actions/op-config.js
new file mode 100644
index 0000000..a5fc3b6
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/op-config.js
@@ -0,0 +1,207 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import axios from "axios";
+import { AUTHORIZATION_ENDPOINT, END_SESSION_ENDPOINT, ISSUER, JWKS_ENDPOINT, OP_CONFIG_INITIATED, REVOKE_TOKEN_ENDPOINT, TOKEN_ENDPOINT, USERNAME } from "../constants";
+import { getSessionParameter, removeSessionParameter, setSessionParameter } from "./session";
+/**
+ * Checks whether openid configuration initiated.
+ *
+ * @returns {boolean}
+ */
+export const isOPConfigInitiated = () => {
+    return getSessionParameter(OP_CONFIG_INITIATED) && getSessionParameter(OP_CONFIG_INITIATED) === "true";
+};
+/**
+ * Set OAuth2 authorize endpoint.
+ *
+ * @param {string} authorizationEndpoint
+ */
+export const setAuthorizeEndpoint = (authorizationEndpoint) => {
+    setSessionParameter(AUTHORIZATION_ENDPOINT, authorizationEndpoint);
+};
+/**
+ * Set OAuth2 token endpoint.
+ *
+ * @param {string} tokenEndpoint
+ */
+export const setTokenEndpoint = (tokenEndpoint) => {
+    setSessionParameter(TOKEN_ENDPOINT, tokenEndpoint);
+};
+/**
+ * Set OIDC end session endpoint.
+ *
+ * @param {string} endSessionEndpoint
+ */
+export const setEndSessionEndpoint = (endSessionEndpoint) => {
+    setSessionParameter(END_SESSION_ENDPOINT, endSessionEndpoint);
+};
+/**
+ * Set JWKS URI.
+ *
+ * @param jwksEndpoint
+ */
+export const setJwksUri = (jwksEndpoint) => {
+    setSessionParameter(JWKS_ENDPOINT, jwksEndpoint);
+};
+/**
+ * Set OAuth2 revoke token endpoint.
+ *
+ * @param {string} revokeTokenEndpoint
+ */
+export const setRevokeTokenEndpoint = (revokeTokenEndpoint) => {
+    setSessionParameter(REVOKE_TOKEN_ENDPOINT, revokeTokenEndpoint);
+};
+/**
+ * Set openid configuration initiated.
+ */
+export const setOPConfigInitiated = () => {
+    setSessionParameter(OP_CONFIG_INITIATED, "true");
+};
+/**
+ * Set id_token issuer.
+ *
+ * @param issuer id_token issuer.
+ */
+export const setIssuer = (issuer) => {
+    setSessionParameter(ISSUER, issuer);
+};
+/**
+ * Initialize openid provider configuration.
+ *
+ * @param {string} wellKnownEndpoint openid provider configuration.
+ * @param {boolean} forceInit whether to initialize the configuration again.
+ * @returns {Promise<any>} promise.
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+export const initOPConfiguration = (wellKnownEndpoint, forceInit) => {
+    if (!forceInit && isOPConfigInitiated()) {
+        Promise.resolve("success");
+    }
+    if (!wellKnownEndpoint || wellKnownEndpoint.trim().length === 0) {
+        return Promise.reject(new Error("OpenID provider configuration endpoint is not defined."));
+    }
+    return axios.get(wellKnownEndpoint)
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Failed to load OpenID provider configuration from: "
+                + wellKnownEndpoint));
+        }
+        setAuthorizeEndpoint(response.data.authorization_endpoint);
+        setTokenEndpoint(response.data.token_endpoint);
+        setEndSessionEndpoint(response.data.end_session_endpoint);
+        setJwksUri(response.data.jwks_uri);
+        setRevokeTokenEndpoint(response.data.token_endpoint
+            .substring(0, response.data.token_endpoint.lastIndexOf("token")) + "revoke");
+        setIssuer(response.data.issuer);
+        setOPConfigInitiated();
+        return Promise.resolve("success");
+    }).catch((error) => {
+        return Promise.reject(error);
+    });
+};
+/**
+ * Reset openid provider configuration.
+ */
+export const resetOPConfiguration = () => {
+    removeSessionParameter(AUTHORIZATION_ENDPOINT);
+    removeSessionParameter(TOKEN_ENDPOINT);
+    removeSessionParameter(END_SESSION_ENDPOINT);
+    removeSessionParameter(JWKS_ENDPOINT);
+    removeSessionParameter(REVOKE_TOKEN_ENDPOINT);
+    removeSessionParameter(OP_CONFIG_INITIATED);
+    removeSessionParameter(ISSUER);
+};
+/**
+ * Get OAuth2 authorize endpoint.
+ *
+ * @returns {string|null}
+ */
+export const getAuthorizeEndpoint = () => {
+    return getSessionParameter(AUTHORIZATION_ENDPOINT);
+};
+/**
+ * Get OAuth2 token endpoint.
+ *
+ * @returns {string|null}
+ */
+export const getTokenEndpoint = () => {
+    return getSessionParameter(TOKEN_ENDPOINT);
+};
+/**
+ * Get OAuth2 revoke token endpoint.
+ *
+ * @returns {string|null}
+ */
+export const getRevokeTokenEndpoint = () => {
+    return getSessionParameter(REVOKE_TOKEN_ENDPOINT);
+};
+/**
+ * Get OIDC end session endpoint.
+ *
+ * @returns {string|null}
+ */
+export const getEndSessionEndpoint = () => {
+    return getSessionParameter(END_SESSION_ENDPOINT);
+};
+/**
+ * Get JWKS URI.
+ *
+ * @returns {string|null}
+ */
+export const getJwksUri = () => {
+    return getSessionParameter(JWKS_ENDPOINT);
+};
+/**
+ * Get authenticated user's username
+ *
+ * @returns {string|null}
+ */
+export const getUsername = () => {
+    return getSessionParameter(USERNAME);
+};
+/**
+ * Get tenant name
+ *
+ * @returns {any}
+ */
+export const getTenant = () => {
+    if (getUsername()) {
+        const usernameSplit = getUsername().split("@");
+        if (usernameSplit.length > 1) {
+            return usernameSplit[usernameSplit.length - 1];
+        }
+    }
+    return "";
+};
+/**
+ * Get id_token issuer.
+ *
+ * @returns {any}
+ */
+export const getIssuer = () => {
+    return getSessionParameter(ISSUER);
+};
+/**
+ * Checks whether openid configuration initiated is valid.
+ *
+ * @returns {boolean}
+ */
+export const isValidOPConfig = (tenant) => {
+    return isOPConfigInitiated() && ((getTenant() !== "") && (getTenant() !== tenant));
+};
+//# sourceMappingURL=op-config.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/op-config.js.map b/frontend/src/authentication/auth-module/actions/op-config.js.map
new file mode 100644
index 0000000..b80fa26
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/op-config.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"op-config.js","sourceRoot":"","sources":["../../src/actions/op-config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EACH,sBAAsB,EACtB,oBAAoB,EACpB,MAAM,EACN,aAAa,EACb,mBAAmB,EACnB,qBAAqB,EACrB,cAAc,EACd,QAAQ,EACX,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAE7F;;;;GAIG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,GAAY,EAAE;IAC7C,OAAO,mBAAmB,CAAC,mBAAmB,CAAC,IAAI,mBAAmB,CAAC,mBAAmB,CAAC,KAAK,MAAM,CAAC;AAC3G,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,qBAA6B,EAAQ,EAAE;IACxE,mBAAmB,CAAC,sBAAsB,EAAE,qBAAqB,CAAC,CAAC;AACvE,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,aAAqB,EAAQ,EAAE;IAC5D,mBAAmB,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;AACvD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,kBAA0B,EAAQ,EAAE;IACtE,mBAAmB,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;AAClE,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,YAAY,EAAQ,EAAE;IAC7C,mBAAmB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;AACrD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,mBAA2B,EAAQ,EAAE;IACxE,mBAAmB,CAAC,qBAAqB,EAAE,mBAAmB,CAAC,CAAC;AACpE,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAS,EAAE;IAC3C,mBAAmB,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,MAAM,EAAQ,EAAE;IACtC,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACxC,CAAC,CAAC;AAGF;;;;;;GAMG;AACH,uDAAuD;AACvD,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAC3B,iBAAyB,EACzB,SAAkB,EACN,EAAE;IAElB,IAAI,CAAC,SAAS,IAAI,mBAAmB,EAAE,EAAE;QACrC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;KAC9B;IAED,IAAI,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7D,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC,CAAC;KAC9F;IAED,OAAO,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC;SAC9B,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,qDAAqD;kBAC/E,iBAAiB,CAAC,CAAC,CAAC;SAC7B;QACD,oBAAoB,CAAC,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAC3D,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC/C,qBAAqB,CAAC,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1D,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,sBAAsB,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc;aAC9C,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC;QACjF,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChC,oBAAoB,EAAE,CAAC;QAEvB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAS,EAAE;IAC3C,sBAAsB,CAAC,sBAAsB,CAAC,CAAC;IAC/C,sBAAsB,CAAC,cAAc,CAAC,CAAC;IACvC,sBAAsB,CAAC,oBAAoB,CAAC,CAAC;IAC7C,sBAAsB,CAAC,aAAa,CAAC,CAAC;IACtC,sBAAsB,CAAC,qBAAqB,CAAC,CAAC;IAC9C,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;IAC5C,sBAAsB,CAAC,MAAM,CAAC,CAAC;AACnC,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAgB,EAAE;IAClD,OAAO,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;AACvD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,GAAgB,EAAE;IAC9C,OAAO,mBAAmB,CAAC,cAAc,CAAC,CAAC;AAC/C,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,GAAgB,EAAE;IACpD,OAAO,mBAAmB,CAAC,qBAAqB,CAAC,CAAC;AACtD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,GAAgB,EAAE;IACnD,OAAO,mBAAmB,CAAC,oBAAoB,CAAC,CAAC;AACrD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,GAAgB,EAAE;IACxC,OAAO,mBAAmB,CAAC,aAAa,CAAC,CAAC;AAC9C,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,GAAgB,EAAE;IACzC,OAAO,mBAAmB,CAAC,QAAQ,CAAC,CAAC;AACzC,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,GAAoB,EAAE;IAC3C,IAAI,WAAW,EAAE,EAAE;QACf,MAAM,aAAa,GAAG,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAE/C,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,OAAO,aAAa,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;SAClD;KACJ;IAED,OAAO,EAAE,CAAC;AACd,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,GAAW,EAAE;IAClC,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,MAAM,EAAW,EAAE;IAC/C,OAAO,mBAAmB,EAAE,IAAI,CAAC,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,MAAM,CAAC,CAAC,CAAC;AACvF,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/session.d.ts b/frontend/src/authentication/auth-module/actions/session.d.ts
new file mode 100644
index 0000000..1ac3a85
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/session.d.ts
@@ -0,0 +1,63 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { AuthenticatedUserInterface } from "../models/authenticated-user";
+import { SessionInterface } from "../models/session";
+import { TokenResponseInterface } from "../models/token-response";
+/**
+ * Remove parameter from session storage.
+ *
+ * @param {string} key.
+ */
+export declare const removeSessionParameter: (key: string) => void;
+/**
+ * Set parameter to session storage.
+ *
+ * @param {string} key.
+ * @param value value.
+ */
+export declare const setSessionParameter: (key: string, value: string) => void;
+/**
+ * Get parameter from session storage.
+ *
+ * @param {string} key.
+ * @returns {string | null} parameter value or null.
+ */
+export declare const getSessionParameter: (key: string) => string;
+/**
+ * End authenticated user session.
+ */
+export declare const endAuthenticatedSession: () => void;
+/**
+ * Initialize authenticated user session.
+ *
+ * @param {TokenResponseInterface} tokenResponse.
+ * @param authenticatedUser authenticated user.
+ */
+export declare const initUserSession: (tokenResponse: TokenResponseInterface, authenticatedUser: AuthenticatedUserInterface) => void;
+/**
+ * Get the user session object.
+ *
+ * @returns {SessionInterface} session object.
+ */
+export declare const getAllSessionParameters: () => SessionInterface;
+/**
+ * Get access token.
+ *
+ * @returns {Promise<string>} access token.
+ */
+export declare const getAccessToken: () => Promise<string>;
diff --git a/frontend/src/authentication/auth-module/actions/session.js b/frontend/src/authentication/auth-module/actions/session.js
new file mode 100644
index 0000000..5b9987f
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/session.js
@@ -0,0 +1,146 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { Semaphore } from "await-semaphore";
+import { ACCESS_TOKEN, ACCESS_TOKEN_EXPIRE_IN, ACCESS_TOKEN_ISSUED_AT, DISPLAY_NAME, EMAIL, ID_TOKEN, REFRESH_TOKEN, REQUEST_PARAMS, SCOPE, TOKEN_TYPE, USERNAME } from "../constants";
+import { getAuthenticatedUser, sendRefreshTokenRequest } from "./sign-in";
+/**
+ * Semaphore used for synchronizing the refresh token requests.
+ */
+const semaphore = new Semaphore(1);
+/**
+ * Remove parameter from session storage.
+ *
+ * @param {string} key.
+ */
+export const removeSessionParameter = (key) => {
+    sessionStorage.removeItem(key);
+};
+/**
+ * Set parameter to session storage.
+ *
+ * @param {string} key.
+ * @param value value.
+ */
+export const setSessionParameter = (key, value) => {
+    sessionStorage.setItem(key, value);
+};
+/**
+ * Get parameter from session storage.
+ *
+ * @param {string} key.
+ * @returns {string | null} parameter value or null.
+ */
+export const getSessionParameter = (key) => {
+    return sessionStorage.getItem(key);
+};
+/**
+ * End authenticated user session.
+ */
+export const endAuthenticatedSession = () => {
+    removeSessionParameter(ACCESS_TOKEN);
+    removeSessionParameter(ACCESS_TOKEN_EXPIRE_IN);
+    removeSessionParameter(ACCESS_TOKEN_ISSUED_AT);
+    removeSessionParameter(DISPLAY_NAME);
+    removeSessionParameter(EMAIL);
+    removeSessionParameter(ID_TOKEN);
+    removeSessionParameter(REFRESH_TOKEN);
+    removeSessionParameter(SCOPE);
+    removeSessionParameter(TOKEN_TYPE);
+    removeSessionParameter(USERNAME);
+};
+/**
+ * Initialize authenticated user session.
+ *
+ * @param {TokenResponseInterface} tokenResponse.
+ * @param authenticatedUser authenticated user.
+ */
+export const initUserSession = (tokenResponse, authenticatedUser) => {
+    endAuthenticatedSession();
+    setSessionParameter(ACCESS_TOKEN, tokenResponse.accessToken);
+    setSessionParameter(ACCESS_TOKEN_EXPIRE_IN, tokenResponse.expiresIn);
+    setSessionParameter(ACCESS_TOKEN_ISSUED_AT, (Date.now() / 1000).toString());
+    setSessionParameter(DISPLAY_NAME, authenticatedUser.displayName);
+    setSessionParameter(EMAIL, authenticatedUser.email);
+    setSessionParameter(ID_TOKEN, tokenResponse.idToken);
+    setSessionParameter(SCOPE, tokenResponse.scope);
+    setSessionParameter(REFRESH_TOKEN, tokenResponse.refreshToken);
+    setSessionParameter(TOKEN_TYPE, tokenResponse.tokenType);
+    setSessionParameter(USERNAME, authenticatedUser.username);
+};
+/**
+ * Get the user session object.
+ *
+ * @returns {SessionInterface} session object.
+ */
+export const getAllSessionParameters = () => {
+    return {
+        accessToken: getSessionParameter(ACCESS_TOKEN),
+        displayName: getSessionParameter(DISPLAY_NAME),
+        email: getSessionParameter(EMAIL),
+        expiresIn: getSessionParameter(ACCESS_TOKEN_ISSUED_AT),
+        idToken: getSessionParameter(ID_TOKEN),
+        refreshToken: getSessionParameter(REFRESH_TOKEN),
+        scope: getSessionParameter(SCOPE),
+        tokenType: getSessionParameter(TOKEN_TYPE),
+        username: getSessionParameter(USERNAME)
+    };
+};
+/**
+ * Get access token.
+ *
+ * @returns {Promise<string>} access token.
+ */
+export const getAccessToken = () => {
+    const accessToken = getSessionParameter(ACCESS_TOKEN);
+    const expiresIn = getSessionParameter(ACCESS_TOKEN_EXPIRE_IN);
+    const issuedAt = getSessionParameter(ACCESS_TOKEN_ISSUED_AT);
+    if (!accessToken || accessToken.trim().length === 0 || !expiresIn || expiresIn.length === 0 || !issuedAt
+        || issuedAt.length === 0) {
+        endAuthenticatedSession();
+        return Promise.reject(new Error("Invalid user session."));
+    }
+    function getValidityPeriod() {
+        const currentExpiresIn = getSessionParameter(ACCESS_TOKEN_EXPIRE_IN);
+        const currentIssuedAt = getSessionParameter(ACCESS_TOKEN_ISSUED_AT);
+        return (parseInt(currentIssuedAt, 10) + parseInt(currentExpiresIn, 10)) - Math.floor(Date.now() / 1000);
+    }
+    let validityPeriod = getValidityPeriod();
+    if (validityPeriod <= 300) {
+        return semaphore.use(() => {
+            validityPeriod = getValidityPeriod();
+            if (validityPeriod <= 300) {
+                const requestParams = JSON.parse(getSessionParameter(REQUEST_PARAMS));
+                return sendRefreshTokenRequest(requestParams, getSessionParameter(REFRESH_TOKEN))
+                    .then((tokenResponse) => {
+                    const authenticatedUser = getAuthenticatedUser(tokenResponse.idToken);
+                    initUserSession(tokenResponse, authenticatedUser);
+                    return Promise.resolve(tokenResponse.accessToken);
+                }).catch((error) => {
+                    return Promise.reject(error);
+                });
+            }
+            else {
+                return Promise.resolve(getSessionParameter(ACCESS_TOKEN));
+            }
+        });
+    }
+    else {
+        return Promise.resolve(accessToken);
+    }
+};
+//# sourceMappingURL=session.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/session.js.map b/frontend/src/authentication/auth-module/actions/session.js.map
new file mode 100644
index 0000000..d8dd372
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/session.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/actions/session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EACH,YAAY,EACZ,sBAAsB,EACtB,sBAAsB,EACtB,YAAY,EACZ,KAAK,EACL,QAAQ,EACR,aAAa,EACb,cAAc,EACd,KAAK,EACL,UAAU,EACV,QAAQ,EACX,MAAM,cAAc,CAAC;AAItB,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,MAAM,WAAW,CAAC;AAE1E;;GAEG;AACH,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC;AAEnC;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,GAAW,EAAQ,EAAE;IACxD,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;AACnC,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAW,EAAE,KAAa,EAAQ,EAAE;IACpE,cAAc,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AACvC,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAW,EAAe,EAAE;IAC5D,OAAO,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACvC,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,GAAS,EAAE;IAC9C,sBAAsB,CAAC,YAAY,CAAC,CAAC;IACrC,sBAAsB,CAAC,sBAAsB,CAAC,CAAC;IAC/C,sBAAsB,CAAC,sBAAsB,CAAC,CAAC;IAC/C,sBAAsB,CAAC,YAAY,CAAC,CAAC;IACrC,sBAAsB,CAAC,KAAK,CAAC,CAAC;IAC9B,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACjC,sBAAsB,CAAC,aAAa,CAAC,CAAC;IACtC,sBAAsB,CAAC,KAAK,CAAC,CAAC;IAC9B,sBAAsB,CAAC,UAAU,CAAC,CAAC;IACnC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,aAAqC,EACrC,iBAA6C,EAAQ,EAAE;IACnF,uBAAuB,EAAE,CAAC;IAC1B,mBAAmB,CAAC,YAAY,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;IAC7D,mBAAmB,CAAC,sBAAsB,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IACrE,mBAAmB,CAAC,sBAAsB,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5E,mBAAmB,CAAC,YAAY,EAAE,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACjE,mBAAmB,CAAC,KAAK,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC;IACpD,mBAAmB,CAAC,QAAQ,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;IACrD,mBAAmB,CAAC,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC;IAChD,mBAAmB,CAAC,aAAa,EAAE,aAAa,CAAC,YAAY,CAAC,CAAC;IAC/D,mBAAmB,CAAC,UAAU,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC;IACzD,mBAAmB,CAAC,QAAQ,EAAE,iBAAiB,CAAC,QAAQ,CAAC,CAAC;AAC9D,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,GAAqB,EAAE;IAC1D,OAAO;QACH,WAAW,EAAE,mBAAmB,CAAC,YAAY,CAAC;QAC9C,WAAW,EAAE,mBAAmB,CAAC,YAAY,CAAC;QAC9C,KAAK,EAAE,mBAAmB,CAAC,KAAK,CAAC;QACjC,SAAS,EAAE,mBAAmB,CAAC,sBAAsB,CAAC;QACtD,OAAO,EAAE,mBAAmB,CAAC,QAAQ,CAAC;QACtC,YAAY,EAAE,mBAAmB,CAAC,aAAa,CAAC;QAChD,KAAK,EAAE,mBAAmB,CAAC,KAAK,CAAC;QACjC,SAAS,EAAE,mBAAmB,CAAC,UAAU,CAAC;QAC1C,QAAQ,EAAE,mBAAmB,CAAC,QAAQ,CAAC;KAC1C,CAAC;AACN,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,GAAoB,EAAE;IAChD,MAAM,WAAW,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;IAE7D,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ;WACjG,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QAC1B,uBAAuB,EAAE,CAAC;QAE1B,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;KAC7D;IAED,SAAS,iBAAiB;QACtB,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;QACrE,MAAM,eAAe,GAAG,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;QAEpE,OAAO,CAAC,QAAQ,CAAC,eAAe,EAAE,EAAE,CAAC,GAAG,QAAQ,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC5G,CAAC;IAED,IAAI,cAAc,GAAG,iBAAiB,EAAE,CAAC;IAEzC,IAAI,cAAc,IAAI,GAAG,EAAE;QAEvB,OAAO,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE;YACtB,cAAc,GAAG,iBAAiB,EAAE,CAAC;YACrC,IAAI,cAAc,IAAI,GAAG,EAAE;gBACvB,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC,CAAC,CAAC;gBACtE,OAAO,uBAAuB,CAAC,aAAa,EAAE,mBAAmB,CAAC,aAAa,CAAC,CAAC;qBAC5E,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;oBACpB,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;oBACtE,eAAe,CAAC,aAAa,EAAE,iBAAiB,CAAC,CAAC;oBAClD,OAAO,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;gBACtD,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;oBACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACjC,CAAC,CAAC,CAAC;aACV;iBAAM;gBACH,OAAO,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,CAAC;aAC7D;QACL,CAAC,CAAC,CAAC;KACN;SAAM;QACH,OAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;KACvC;AACL,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/sign-in.d.ts b/frontend/src/authentication/auth-module/actions/sign-in.d.ts
new file mode 100644
index 0000000..7bfc857
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-in.d.ts
@@ -0,0 +1,77 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { AuthenticatedUserInterface } from "../models/authenticated-user";
+import { AccountSwitchRequestParams, OIDCRequestParamsInterface } from "../models/oidc-request-params";
+import { TokenResponseInterface } from "../models/token-response";
+/**
+ * Checks whether authorization code present in the request.
+ *
+ * @returns {boolean} true if authorization code is present.
+ */
+export declare const hasAuthorizationCode: () => boolean;
+/**
+ * Send authorization request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for authorization request.
+ */
+export declare const sendAuthorizationRequest: (requestParams: OIDCRequestParamsInterface) => boolean | Promise<never>;
+/**
+ * Send token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for token request.
+ * @returns {Promise<TokenResponseInterface>} token response data or error.
+ */
+export declare const sendTokenRequest: (requestParams: OIDCRequestParamsInterface) => Promise<TokenResponseInterface>;
+/**
+ * Send refresh token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for token request.
+ * @param {string} refreshToken
+ * @returns {Promise<TokenResponseInterface>} refresh token response data or error.
+ */
+export declare const sendRefreshTokenRequest: (requestParams: OIDCRequestParamsInterface, refreshToken: string) => Promise<TokenResponseInterface>;
+/**
+ * Send revoke token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for revoke token request.
+ * @param {string} accessToken access token
+ * @returns {any}
+ */
+export declare const sendRevokeTokenRequest: (requestParams: OIDCRequestParamsInterface, accessToken: string) => Promise<any>;
+/**
+ * Get user image from gravatar.com.
+ *
+ * @param emailAddress email address received authenticated user.
+ * @returns {string} gravatar image path.
+ */
+export declare const getGravatar: (emailAddress: string) => string;
+/**
+ * Get authenticated user from the id_token.
+ *
+ * @param idToken id_token received from the IdP.
+ * @returns {AuthenticatedUserInterface} authenticated user.
+ */
+export declare const getAuthenticatedUser: (idToken: string) => AuthenticatedUserInterface;
+/**
+ * Send account switch request.
+ *
+ * @param {AccountSwitchRequestParams} requestParams request parameters required for the account switch request.
+ * @param {string} clientHost client host.
+ * @returns {Promise<TokenResponseInterface>} token response data or error.
+ */
+export declare const sendAccountSwitchRequest: (requestParams: AccountSwitchRequestParams) => Promise<TokenResponseInterface>;
diff --git a/frontend/src/authentication/auth-module/actions/sign-in.js b/frontend/src/authentication/auth-module/actions/sign-in.js
new file mode 100644
index 0000000..9bc45fc
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-in.js
@@ -0,0 +1,306 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import axios from "axios";
+import { ACCESS_TOKEN, AUTHORIZATION_CODE, OIDC_SCOPE, PKCE_CODE_VERIFIER, REQUEST_PARAMS, SERVICE_RESOURCES } from "../constants";
+import { getCodeChallenge, getCodeVerifier, getEmailHash, getJWKForTheIdToken, isValidIdToken } from "./crypto";
+import { getAuthorizeEndpoint, getIssuer, getJwksUri, getRevokeTokenEndpoint, getTokenEndpoint } from "./op-config";
+import { getSessionParameter, removeSessionParameter, setSessionParameter } from "./session";
+/**
+ * Checks whether authorization code present in the request.
+ *
+ * @returns {boolean} true if authorization code is present.
+ */
+export const hasAuthorizationCode = () => {
+    return !!new URL(window.location.href).searchParams.get(AUTHORIZATION_CODE);
+};
+/**
+ * Get token request headers.
+ *
+ * @param {string} clientHost
+ * @returns {{headers: {Accept: string; "Access-Control-Allow-Origin": string; "Content-Type": string}}}
+ */
+const getTokenRequestHeaders = (clientHost) => {
+    return {
+        headers: {
+            "Accept": "application/json",
+            "Access-Control-Allow-Origin": clientHost,
+            "Content-Type": "application/x-www-form-urlencoded"
+        }
+    };
+};
+/**
+ * Send authorization request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for authorization request.
+ */
+export const sendAuthorizationRequest = (requestParams) => {
+    const authorizeEndpoint = getAuthorizeEndpoint();
+    if (!authorizeEndpoint || authorizeEndpoint.trim().length === 0) {
+        return Promise.reject(new Error("Invalid authorize endpoint found."));
+    }
+    let authorizeRequest = authorizeEndpoint + "?response_type=code&client_id="
+        + requestParams.clientId;
+    let scope = OIDC_SCOPE;
+    if (requestParams.scope && requestParams.scope.length > 0) {
+        if (!requestParams.scope.includes(OIDC_SCOPE)) {
+            requestParams.scope.push(OIDC_SCOPE);
+        }
+        scope = requestParams.scope.join(" ");
+    }
+    authorizeRequest += "&scope=" + scope;
+    authorizeRequest += "&redirect_uri=" + requestParams.redirectUri;
+    if (requestParams.enablePKCE) {
+        const codeVerifier = getCodeVerifier();
+        const codeChallenge = getCodeChallenge(codeVerifier);
+        setSessionParameter(PKCE_CODE_VERIFIER, codeVerifier);
+        authorizeRequest += "&code_challenge_method=S256&code_challenge=" + codeChallenge;
+    }
+    if (requestParams.prompt) {
+        authorizeRequest += "&prompt=" + requestParams.prompt;
+    }
+    document.location.href = authorizeRequest;
+    return false;
+};
+/**
+ * Validate id_token.
+ *
+ * @param {string} clientId client ID.
+ * @param {string} idToken id_token received from the IdP.
+ * @returns {Promise<boolean>} whether token is valid.
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+const validateIdToken = (clientId, idToken, serverOrigin) => {
+    const jwksEndpoint = getJwksUri();
+    if (!jwksEndpoint || jwksEndpoint.trim().length === 0) {
+        return Promise.reject("Invalid JWKS URI found.");
+    }
+    return axios.get(jwksEndpoint)
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Failed to load public keys from JWKS URI: "
+                + jwksEndpoint));
+        }
+        const jwk = getJWKForTheIdToken(idToken.split(".")[0], response.data.keys);
+        let issuer = getIssuer();
+        if (!issuer || issuer.trim().length === 0) {
+            issuer = serverOrigin + SERVICE_RESOURCES.token;
+        }
+        return Promise.resolve(isValidIdToken(idToken, jwk, clientId, issuer));
+    }).catch((error) => {
+        return Promise.reject(error);
+    });
+};
+/**
+ * Send token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for token request.
+ * @returns {Promise<TokenResponseInterface>} token response data or error.
+ */
+export const sendTokenRequest = (requestParams) => {
+    const tokenEndpoint = getTokenEndpoint();
+    if (!tokenEndpoint || tokenEndpoint.trim().length === 0) {
+        return Promise.reject(new Error("Invalid token endpoint found."));
+    }
+    const code = new URL(window.location.href).searchParams.get(AUTHORIZATION_CODE);
+    const body = [];
+    body.push(`client_id=${requestParams.clientId}`);
+    if (requestParams.clientSecret && requestParams.clientSecret.trim().length > 0) {
+        body.push(`client_secret=${requestParams.clientSecret}`);
+    }
+    body.push(`code=${code}`);
+    body.push("grant_type=authorization_code");
+    body.push(`redirect_uri=${requestParams.redirectUri}`);
+    if (requestParams.enablePKCE) {
+        body.push(`code_verifier=${getSessionParameter(PKCE_CODE_VERIFIER)}`);
+        removeSessionParameter(PKCE_CODE_VERIFIER);
+    }
+    return axios.post(tokenEndpoint, body.join("&"), getTokenRequestHeaders(requestParams.clientHost))
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Invalid status code received in the token response: "
+                + response.status));
+        }
+        return validateIdToken(requestParams.clientId, response.data.id_token, requestParams.serverOrigin)
+            .then((valid) => {
+            if (valid) {
+                setSessionParameter(REQUEST_PARAMS, JSON.stringify(requestParams));
+                const tokenResponse = {
+                    accessToken: response.data.access_token,
+                    expiresIn: response.data.expires_in,
+                    idToken: response.data.id_token,
+                    refreshToken: response.data.refresh_token,
+                    scope: response.data.scope,
+                    tokenType: response.data.token_type
+                };
+                return Promise.resolve(tokenResponse);
+            }
+            return Promise.reject(new Error("Invalid id_token in the token response: " + response.data.id_token));
+        });
+    }).catch((error) => {
+        return Promise.reject(error);
+    });
+};
+/**
+ * Send refresh token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for token request.
+ * @param {string} refreshToken
+ * @returns {Promise<TokenResponseInterface>} refresh token response data or error.
+ */
+export const sendRefreshTokenRequest = (requestParams, refreshToken) => {
+    const tokenEndpoint = getTokenEndpoint();
+    if (!tokenEndpoint || tokenEndpoint.trim().length === 0) {
+        return Promise.reject("Invalid token endpoint found.");
+    }
+    const body = [];
+    body.push(`client_id=${requestParams.clientId}`);
+    body.push(`refresh_token=${refreshToken}`);
+    body.push("grant_type=refresh_token");
+    return axios.post(tokenEndpoint, body.join("&"), getTokenRequestHeaders(requestParams.clientHost))
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Invalid status code received in the refresh token response: "
+                + response.status));
+        }
+        return validateIdToken(requestParams.clientId, response.data.id_token, requestParams.serverOrigin)
+            .then((valid) => {
+            if (valid) {
+                const tokenResponse = {
+                    accessToken: response.data.access_token,
+                    expiresIn: response.data.expires_in,
+                    idToken: response.data.id_token,
+                    refreshToken: response.data.refresh_token,
+                    scope: response.data.scope,
+                    tokenType: response.data.token_type
+                };
+                return Promise.resolve(tokenResponse);
+            }
+            return Promise.reject(new Error("Invalid id_token in the token response: " +
+                response.data.id_token));
+        });
+    }).catch((error) => {
+        return Promise.reject(error);
+    });
+};
+/**
+ * Send revoke token request.
+ *
+ * @param {OIDCRequestParamsInterface} requestParams request parameters required for revoke token request.
+ * @param {string} accessToken access token
+ * @returns {any}
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+export const sendRevokeTokenRequest = (requestParams, accessToken) => {
+    const revokeTokenEndpoint = getRevokeTokenEndpoint();
+    if (!revokeTokenEndpoint || revokeTokenEndpoint.trim().length === 0) {
+        return Promise.reject("Invalid revoke token endpoint found.");
+    }
+    const body = [];
+    body.push(`client_id=${requestParams.clientId}`);
+    body.push(`token=${accessToken}`);
+    body.push("token_type_hint=access_token");
+    return axios.post(revokeTokenEndpoint, body.join("&"), { headers: getTokenRequestHeaders(requestParams.clientHost), withCredentials: true })
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Invalid status code received in the revoke token response: "
+                + response.status));
+        }
+        return Promise.resolve(response);
+    }).catch((error) => {
+        return Promise.reject(error);
+    });
+};
+/**
+ * Get user image from gravatar.com.
+ *
+ * @param emailAddress email address received authenticated user.
+ * @returns {string} gravatar image path.
+ */
+export const getGravatar = (emailAddress) => {
+    return "https://www.gravatar.com/avatar/" + getEmailHash(emailAddress) + "?d=404";
+};
+/**
+ * Get authenticated user from the id_token.
+ *
+ * @param idToken id_token received from the IdP.
+ * @returns {AuthenticatedUserInterface} authenticated user.
+ */
+export const getAuthenticatedUser = (idToken) => {
+    const payload = JSON.parse(atob(idToken.split(".")[1]));
+    const emailAddress = payload.email ? payload.email : null;
+    return {
+        displayName: payload.preferred_username ? payload.preferred_username : payload.sub,
+        email: emailAddress,
+        username: payload.sub,
+    };
+};
+/**
+ * Send account switch request.
+ *
+ * @param {AccountSwitchRequestParams} requestParams request parameters required for the account switch request.
+ * @param {string} clientHost client host.
+ * @returns {Promise<TokenResponseInterface>} token response data or error.
+ */
+export const sendAccountSwitchRequest = (requestParams) => {
+    const tokenEndpoint = getTokenEndpoint();
+    if (!tokenEndpoint || tokenEndpoint.trim().length === 0) {
+        return Promise.reject(new Error("Invalid token endpoint found."));
+    }
+    let scope = OIDC_SCOPE;
+    if (requestParams.scope && requestParams.scope.length > 0) {
+        if (!requestParams.scope.includes(OIDC_SCOPE)) {
+            requestParams.scope.push(OIDC_SCOPE);
+        }
+        scope = requestParams.scope.join(" ");
+    }
+    const body = [];
+    body.push(`grant_type=account_switch`);
+    body.push(`username=${requestParams.username}`);
+    body.push(`userstore-domain=${requestParams["userstore-domain"]}`);
+    body.push(`tenant-domain=${requestParams["tenant-domain"]}`);
+    body.push(`token=${getSessionParameter(ACCESS_TOKEN)}`);
+    body.push(`scope=${scope}`);
+    body.push(`client_id=${requestParams.client_id}`);
+    return axios.post(tokenEndpoint, body.join("&"), getTokenRequestHeaders(requestParams.clientHost))
+        .then((response) => {
+        if (response.status !== 200) {
+            return Promise.reject(new Error("Invalid status code received in the token response: "
+                + response.status));
+        }
+        return validateIdToken(requestParams.client_id, response.data.id_token, requestParams.serverOrigin)
+            .then((valid) => {
+            if (valid) {
+                const tokenResponse = {
+                    accessToken: response.data.access_token,
+                    expiresIn: response.data.expires_in,
+                    idToken: response.data.id_token,
+                    refreshToken: response.data.refresh_token,
+                    scope: response.data.scope,
+                    tokenType: response.data.token_type
+                };
+                return Promise.resolve(tokenResponse);
+            }
+            return Promise.reject(new Error("Invalid id_token in the token response: "
+                + response.data.id_token));
+        });
+    })
+        .catch((error) => {
+        return Promise.reject(error);
+    });
+};
+//# sourceMappingURL=sign-in.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/sign-in.js.map b/frontend/src/authentication/auth-module/actions/sign-in.js.map
new file mode 100644
index 0000000..f205f0f
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-in.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"sign-in.js","sourceRoot":"","sources":["../../src/actions/sign-in.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EACH,YAAY,EACZ,kBAAkB,EAClB,UAAU,EACV,kBAAkB,EAClB,cAAc,EACd,iBAAiB,EACpB,MAAM,cAAc,CAAC;AAItB,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,YAAY,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAChH,OAAO,EAAE,oBAAoB,EAAE,SAAS,EAAE,UAAU,EAAE,sBAAsB,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AACpH,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAE7F;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAY,EAAE;IAC9C,OAAO,CAAC,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;AAChF,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,sBAAsB,GAAG,CAAC,UAAkB,EAAsB,EAAE;IACtE,OAAO;QACH,OAAO,EAAE;YACL,QAAQ,EAAE,kBAAkB;YAC5B,6BAA6B,EAAE,UAAU;YACzC,cAAc,EAAE,mCAAmC;SACtD;KACJ,CAAC;AACN,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,aAAyC,EAA0B,EAAE;IAC1G,MAAM,iBAAiB,GAAG,oBAAoB,EAAE,CAAC;IAEjD,IAAI,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7D,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC,CAAC;KACzE;IAED,IAAI,gBAAgB,GAAG,iBAAiB,GAAG,gCAAgC;UACrE,aAAa,CAAC,QAAQ,CAAC;IAE7B,IAAI,KAAK,GAAG,UAAU,CAAC;IAEvB,IAAI,aAAa,CAAC,KAAK,IAAI,aAAa,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;QACvD,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;YAC3C,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxC;QACD,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KACzC;IAED,gBAAgB,IAAI,SAAS,GAAG,KAAK,CAAC;IACtC,gBAAgB,IAAI,gBAAgB,GAAG,aAAa,CAAC,WAAW,CAAC;IAEjE,IAAI,aAAa,CAAC,UAAU,EAAE;QAC1B,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;QACvC,MAAM,aAAa,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;QACrD,mBAAmB,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;QACtD,gBAAgB,IAAI,6CAA6C,GAAG,aAAa,CAAC;KACrF;IAED,IAAI,aAAa,CAAC,MAAM,EAAE;QACtB,gBAAgB,IAAI,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC;KACzD;IAED,QAAQ,CAAC,QAAQ,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAE1C,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,uDAAuD;AACvD,MAAM,eAAe,GAAG,CAAC,QAAgB,EAAE,OAAe,EAAG,YAAoB,EAAgB,EAAE;IAC/F,MAAM,YAAY,GAAG,UAAU,EAAE,CAAC;IAElC,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACnD,OAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,CAAC;KACpD;IAED,OAAO,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC;SACzB,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4CAA4C;kBACtE,YAAY,CAAC,CAAC,CAAC;SACxB;QAED,MAAM,GAAG,GAAG,mBAAmB,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3E,IAAI,MAAM,GAAG,SAAS,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;YACvC,MAAM,GAAG,YAAY,GAAG,iBAAiB,CAAC,KAAK,CAAC;SACnD;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC5B,aAAyC,EACV,EAAE;IAEjC,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;IAEzC,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACrD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC;KACrE;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAEhF,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,aAAa,aAAa,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEjD,IAAI,aAAa,CAAC,YAAY,IAAI,aAAa,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE;QAC5E,IAAI,CAAC,IAAI,CAAC,iBAAiB,aAAa,CAAC,YAAY,EAAE,CAAC,CAAC;KAC5D;IAED,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;IAC1B,IAAI,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,gBAAgB,aAAa,CAAC,WAAW,EAAE,CAAC,CAAC;IAEvD,IAAI,aAAa,CAAC,UAAU,EAAE;QAC1B,IAAI,CAAC,IAAI,CAAC,iBAAiB,mBAAmB,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACtE,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;KAC9C;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,sBAAsB,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;SAC7F,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sDAAsD;kBAChF,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;SAC3B;QACD,OAAO,eAAe,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,YAAY,CAAC;aAC7F,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YAChB,IAAI,KAAK,EAAE;gBACP,mBAAmB,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;gBACnE,MAAM,aAAa,GAA2B;oBAC1C,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;oBACvC,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;oBACnC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;oBAC/B,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,aAAa;oBACzC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;oBAC1B,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;iBACtC,CAAC;gBACF,OAAO,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;aACzC;YACD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC1G,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACnC,aAAyC,EACzC,YAAoB,EACW,EAAE;IAEjC,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;IAEzC,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACrD,OAAO,OAAO,CAAC,MAAM,CAAC,+BAA+B,CAAC,CAAC;KAC1D;IAED,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,aAAa,aAAa,CAAC,QAAQ,EAAE,CAAC,CAAC;IACjD,IAAI,CAAC,IAAI,CAAC,iBAAiB,YAAY,EAAE,CAAC,CAAC;IAC3C,IAAI,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAEtC,OAAO,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,sBAAsB,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;SAC7F,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,8DAA8D;kBACxF,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;SAC3B;QACD,OAAO,eAAe,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,YAAY,CAAC;aAC7F,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YACZ,IAAI,KAAK,EAAE;gBACP,MAAM,aAAa,GAA2B;oBAC1C,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;oBACvC,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;oBACnC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;oBAC/B,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,aAAa;oBACzC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;oBAC1B,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;iBACtC,CAAC;gBAEF,OAAO,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;aACzC;YACD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C;gBACtE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACX,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,uDAAuD;AACvD,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,aAAyC,EACzC,WAAmB,EAAgB,EAAE;IACxE,MAAM,mBAAmB,GAAG,sBAAsB,EAAE,CAAC;IAErD,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACjE,OAAO,OAAO,CAAC,MAAM,CAAC,sCAAsC,CAAC,CAAC;KACjE;IAED,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,aAAa,aAAa,CAAC,QAAQ,EAAE,CAAC,CAAC;IACjD,IAAI,CAAC,IAAI,CAAC,SAAS,WAAW,EAAE,CAAC,CAAC;IAClC,IAAI,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAE1C,OAAO,KAAK,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EACjD,EAAE,OAAO,EAAE,sBAAsB,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;SACpF,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,6DAA6D;kBACvF,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;SAC3B;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACf,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,YAAoB,EAAU,EAAE;IACxD,OAAO,kCAAkC,GAAG,YAAY,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC;AACtF,CAAC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAA8B,EAAE;IAChF,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IAE1D,OAAO;QACH,WAAW,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG;QAClF,KAAK,EAAE,YAAY;QACnB,QAAQ,EAAE,OAAO,CAAC,GAAG;KACxB,CAAC;AACN,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CACpC,aAAyC,EACV,EAAE;IACjC,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;IAEzC,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACrD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC;KACrE;IAED,IAAI,KAAK,GAAG,UAAU,CAAC;IAEvB,IAAI,aAAa,CAAC,KAAK,IAAI,aAAa,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;QACvD,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;YAC3C,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxC;QACD,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KACzC;IAED,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IACvC,IAAI,CAAC,IAAI,CAAC,YAAa,aAAa,CAAC,QAAS,EAAE,CAAC,CAAC;IAClD,IAAI,CAAC,IAAI,CAAC,oBAAqB,aAAa,CAAC,kBAAkB,CAAE,EAAE,CAAC,CAAC;IACrE,IAAI,CAAC,IAAI,CAAC,iBAAkB,aAAa,CAAC,eAAe,CAAE,EAAE,CAAC,CAAC;IAC/D,IAAI,CAAC,IAAI,CAAC,SAAU,mBAAmB,CAAC,YAAY,CAAE,EAAE,CAAC,CAAC;IAC1D,IAAI,CAAC,IAAI,CAAC,SAAU,KAAM,EAAE,CAAC,CAAC;IAC9B,IAAI,CAAC,IAAI,CAAC,aAAc,aAAa,CAAC,SAAU,EAAE,CAAC,CAAC;IAEpD,OAAO,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,sBAAsB,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;SAC7F,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;QACf,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YACzB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sDAAsD;kBAChF,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;SAC3B;QAED,OAAO,eAAe,CAAC,aAAa,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,YAAY,CAAC;aAC9F,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YACZ,IAAI,KAAK,EAAE;gBACP,MAAM,aAAa,GAA2B;oBAC1C,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;oBACvC,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;oBACnC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;oBAC/B,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,aAAa;oBACzC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;oBAC1B,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;iBACtC,CAAC;gBACF,OAAO,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;aACzC;YAED,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C;kBACpE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;IACX,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACX,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/sign-out.d.ts b/frontend/src/authentication/auth-module/actions/sign-out.d.ts
new file mode 100644
index 0000000..e13c508
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-out.d.ts
@@ -0,0 +1,23 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * Handle user sign out.
+ *
+ * @returns {}
+ */
+export declare const sendSignOutRequest: (redirectUri: string, sessionClearCallback: any) => Promise<any>;
diff --git a/frontend/src/authentication/auth-module/actions/sign-out.js b/frontend/src/authentication/auth-module/actions/sign-out.js
new file mode 100644
index 0000000..eabfbf5
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-out.js
@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { ID_TOKEN } from "../constants";
+import { getEndSessionEndpoint } from "./op-config";
+import { getSessionParameter } from "./session";
+/**
+ * Handle user sign out.
+ *
+ * @returns {}
+ */
+/* eslint-disable @typescript-eslint/no-explicit-any */
+export const sendSignOutRequest = (redirectUri, sessionClearCallback) => {
+    const logoutEndpoint = getEndSessionEndpoint();
+    if (!logoutEndpoint || logoutEndpoint.trim().length === 0) {
+        return Promise.reject(new Error("Invalid logout endpoint found."));
+    }
+    const idToken = getSessionParameter(ID_TOKEN);
+    if (!idToken || idToken.trim().length === 0) {
+        return Promise.reject(new Error("Invalid id_token found."));
+    }
+    sessionClearCallback();
+    Promise.resolve("Logout sucess!");
+    window.location.href = `${logoutEndpoint}?` + `id_token_hint=${idToken}` +
+        `&post_logout_redirect_uri=${redirectUri}`;
+};
+//# sourceMappingURL=sign-out.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/actions/sign-out.js.map b/frontend/src/authentication/auth-module/actions/sign-out.js.map
new file mode 100644
index 0000000..44e618c
--- /dev/null
+++ b/frontend/src/authentication/auth-module/actions/sign-out.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"sign-out.js","sourceRoot":"","sources":["../../src/actions/sign-out.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAEhD;;;;GAIG;AACH,uDAAuD;AACvD,MAAM,CAAC,MAAM,kBAAkB,GAAI,CAAC,WAAmB,EAAE,oBAAoB,EAAgB,EAAE;IAC3F,MAAM,cAAc,GAAG,qBAAqB,EAAE,CAAC;IAE/C,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACvD,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC,CAAC;KACtE;IAED,MAAM,OAAO,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAE9C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE;QACzC,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;KAC/D;IAED,oBAAoB,EAAE,CAAC;IACvB,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAElC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,GAAG,cAAc,GAAG,GAAG,iBAAiB,OAAO,EAAE;QACpE,6BAA6B,WAAW,EAAE,CAAC;AACnD,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/endpoints.d.ts b/frontend/src/authentication/auth-module/constants/endpoints.d.ts
new file mode 100644
index 0000000..b61610b
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/endpoints.d.ts
@@ -0,0 +1,29 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+interface ServiceResourcesType {
+    jwks: string;
+    token: string;
+}
+export declare const SERVICE_RESOURCES: ServiceResourcesType;
+export declare const AUTHORIZATION_ENDPOINT = "authorization_endpoint";
+export declare const TOKEN_ENDPOINT = "token_endpoint";
+export declare const REVOKE_TOKEN_ENDPOINT = "revoke_token_endpoint";
+export declare const END_SESSION_ENDPOINT = "end_session_endpoint";
+export declare const JWKS_ENDPOINT = "jwks_uri";
+export declare const OP_CONFIG_INITIATED = "op_config_initiated";
+export {};
diff --git a/frontend/src/authentication/auth-module/constants/endpoints.js b/frontend/src/authentication/auth-module/constants/endpoints.js
new file mode 100644
index 0000000..3829ee3
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/endpoints.js
@@ -0,0 +1,28 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export const SERVICE_RESOURCES = {
+    jwks: "/oauth2/jwks",
+    token: "/oauth2/token"
+};
+export const AUTHORIZATION_ENDPOINT = "authorization_endpoint";
+export const TOKEN_ENDPOINT = "token_endpoint";
+export const REVOKE_TOKEN_ENDPOINT = "revoke_token_endpoint";
+export const END_SESSION_ENDPOINT = "end_session_endpoint";
+export const JWKS_ENDPOINT = "jwks_uri";
+export const OP_CONFIG_INITIATED = "op_config_initiated";
+//# sourceMappingURL=endpoints.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/endpoints.js.map b/frontend/src/authentication/auth-module/constants/endpoints.js.map
new file mode 100644
index 0000000..49d8943
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/endpoints.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"endpoints.js","sourceRoot":"","sources":["../../src/constants/endpoints.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAOH,MAAM,CAAC,MAAM,iBAAiB,GAAyB;IACnD,IAAI,EAAE,cAAc;IACpB,KAAK,EAAE,eAAe;CACzB,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAG,wBAAwB,CAAC;AAC/D,MAAM,CAAC,MAAM,cAAc,GAAG,gBAAgB,CAAC;AAC/C,MAAM,CAAC,MAAM,qBAAqB,GAAG,uBAAuB,CAAC;AAC7D,MAAM,CAAC,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AAC3D,MAAM,CAAC,MAAM,aAAa,GAAG,UAAU,CAAC;AACxC,MAAM,CAAC,MAAM,mBAAmB,GAAG,qBAAqB,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/index.d.ts b/frontend/src/authentication/auth-module/constants/index.d.ts
new file mode 100644
index 0000000..a610e85
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/index.d.ts
@@ -0,0 +1,20 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export * from "./endpoints";
+export * from "./token";
+export * from "./user";
diff --git a/frontend/src/authentication/auth-module/constants/index.js b/frontend/src/authentication/auth-module/constants/index.js
new file mode 100644
index 0000000..1305f54
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/index.js
@@ -0,0 +1,21 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export * from "./endpoints";
+export * from "./token";
+export * from "./user";
+//# sourceMappingURL=index.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/index.js.map b/frontend/src/authentication/auth-module/constants/index.js.map
new file mode 100644
index 0000000..4ad1b37
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/index.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/constants/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,cAAc,aAAa,CAAC;AAC5B,cAAc,SAAS,CAAC;AACxB,cAAc,QAAQ,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/token.d.ts b/frontend/src/authentication/auth-module/constants/token.d.ts
new file mode 100644
index 0000000..9f2f5fe
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/token.d.ts
@@ -0,0 +1,29 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export declare const ACCESS_TOKEN = "access_token";
+export declare const ACCESS_TOKEN_EXPIRE_IN = "expires_in";
+export declare const ACCESS_TOKEN_ISSUED_AT = "issued_at";
+export declare const AUTHORIZATION_CODE = "code";
+export declare const ID_TOKEN = "id_token";
+export declare const OIDC_SCOPE = "openid";
+export declare const PKCE_CODE_VERIFIER = "pkce_code_verifier";
+export declare const REFRESH_TOKEN = "refresh_token";
+export declare const SCOPE = "scope";
+export declare const TOKEN_TYPE = "token_type";
+export declare const REQUEST_PARAMS = "request_params";
+export declare const ISSUER = "issuer";
diff --git a/frontend/src/authentication/auth-module/constants/token.js b/frontend/src/authentication/auth-module/constants/token.js
new file mode 100644
index 0000000..34dac61
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/token.js
@@ -0,0 +1,30 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export const ACCESS_TOKEN = "access_token";
+export const ACCESS_TOKEN_EXPIRE_IN = "expires_in";
+export const ACCESS_TOKEN_ISSUED_AT = "issued_at";
+export const AUTHORIZATION_CODE = "code";
+export const ID_TOKEN = "id_token";
+export const OIDC_SCOPE = "openid";
+export const PKCE_CODE_VERIFIER = "pkce_code_verifier";
+export const REFRESH_TOKEN = "refresh_token";
+export const SCOPE = "scope";
+export const TOKEN_TYPE = "token_type";
+export const REQUEST_PARAMS = "request_params";
+export const ISSUER = "issuer";
+//# sourceMappingURL=token.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/token.js.map b/frontend/src/authentication/auth-module/constants/token.js.map
new file mode 100644
index 0000000..66fb4de
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/token.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"token.js","sourceRoot":"","sources":["../../src/constants/token.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,cAAc,CAAC;AAC3C,MAAM,CAAC,MAAM,sBAAsB,GAAG,YAAY,CAAC;AACnD,MAAM,CAAC,MAAM,sBAAsB,GAAG,WAAW,CAAC;AAClD,MAAM,CAAC,MAAM,kBAAkB,GAAG,MAAM,CAAC;AACzC,MAAM,CAAC,MAAM,QAAQ,GAAG,UAAU,CAAC;AACnC,MAAM,CAAC,MAAM,UAAU,GAAG,QAAQ,CAAC;AACnC,MAAM,CAAC,MAAM,kBAAkB,GAAG,oBAAoB,CAAC;AACvD,MAAM,CAAC,MAAM,aAAa,GAAG,eAAe,CAAC;AAC7C,MAAM,CAAC,MAAM,KAAK,GAAG,OAAO,CAAC;AAC7B,MAAM,CAAC,MAAM,UAAU,GAAG,YAAY,CAAC;AACvC,MAAM,CAAC,MAAM,cAAc,GAAG,gBAAgB,CAAC;AAC/C,MAAM,CAAC,MAAM,MAAM,GAAG,QAAQ,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/user.d.ts b/frontend/src/authentication/auth-module/constants/user.d.ts
new file mode 100644
index 0000000..d09a9cb
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/user.d.ts
@@ -0,0 +1,21 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export declare const USERIMAGE = "userimage";
+export declare const USERNAME = "username";
+export declare const EMAIL = "email";
+export declare const DISPLAY_NAME = "display_name";
diff --git a/frontend/src/authentication/auth-module/constants/user.js b/frontend/src/authentication/auth-module/constants/user.js
new file mode 100644
index 0000000..0e444b5
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/user.js
@@ -0,0 +1,22 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export const USERIMAGE = "userimage";
+export const USERNAME = "username";
+export const EMAIL = "email";
+export const DISPLAY_NAME = "display_name";
+//# sourceMappingURL=user.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/constants/user.js.map b/frontend/src/authentication/auth-module/constants/user.js.map
new file mode 100644
index 0000000..91ab08f
--- /dev/null
+++ b/frontend/src/authentication/auth-module/constants/user.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sourceRoot":"","sources":["../../src/constants/user.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,CAAC,MAAM,SAAS,GAAG,WAAW,CAAC;AACrC,MAAM,CAAC,MAAM,QAAQ,GAAG,UAAU,CAAC;AACnC,MAAM,CAAC,MAAM,KAAK,GAAG,OAAO,CAAC;AAC7B,MAAM,CAAC,MAAM,YAAY,GAAG,cAAc,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/helpers/semaphore.d.ts b/frontend/src/authentication/auth-module/helpers/semaphore.d.ts
new file mode 100644
index 0000000..43b0991
--- /dev/null
+++ b/frontend/src/authentication/auth-module/helpers/semaphore.d.ts
@@ -0,0 +1,23 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export declare const getSemaphore: () => {
+    new (): {
+        acquire: () => Promise<void>;
+        release: () => void;
+    };
+};
diff --git a/frontend/src/authentication/auth-module/helpers/semaphore.js b/frontend/src/authentication/auth-module/helpers/semaphore.js
new file mode 100644
index 0000000..b130694
--- /dev/null
+++ b/frontend/src/authentication/auth-module/helpers/semaphore.js
@@ -0,0 +1,39 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+export const getSemaphore = () => {
+    let sharedPromise = Promise.resolve();
+    return class Semaphore {
+        constructor() {
+            const currentPromise = sharedPromise;
+            let resolver;
+            const newPromise = new Promise(resolve => {
+                resolver = resolve;
+            });
+            sharedPromise = sharedPromise.then(() => {
+                return newPromise;
+            });
+            this.acquire = function () {
+                return currentPromise;
+            };
+            this.release = function () {
+                resolver();
+            };
+        }
+    };
+};
+//# sourceMappingURL=semaphore.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/helpers/semaphore.js.map b/frontend/src/authentication/auth-module/helpers/semaphore.js.map
new file mode 100644
index 0000000..b78e4ce
--- /dev/null
+++ b/frontend/src/authentication/auth-module/helpers/semaphore.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"semaphore.js","sourceRoot":"","sources":["../../src/helpers/semaphore.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,CAAC,MAAM,YAAY,GAAG,GAAG,EAAE;IAE7B,IAAI,aAAa,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;IAEtC,OAAO,MAAM,SAAS;QAIlB;YACI,MAAM,cAAc,GAAG,aAAa,CAAC;YACrC,IAAI,QAAQ,CAAC;YAEb,MAAM,UAAU,GAAG,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE;gBAC3C,QAAQ,GAAG,OAAO,CAAC;YACvB,CAAC,CAAC,CAAC;YAEH,aAAa,GAAG,aAAa,CAAC,IAAI,CAAC,GAAG,EAAE;gBACpC,OAAO,UAAU,CAAC;YACtB,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,GAAG;gBACX,OAAO,cAAc,CAAC;YAC1B,CAAC,CAAC;YAEF,IAAI,CAAC,OAAO,GAAG;gBACX,QAAQ,EAAE,CAAC;YACf,CAAC,CAAC;QACN,CAAC;KACJ,CAAA;AACL,CAAC,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/index.d.ts b/frontend/src/authentication/auth-module/index.d.ts
new file mode 100644
index 0000000..bdb9dbd
--- /dev/null
+++ b/frontend/src/authentication/auth-module/index.d.ts
@@ -0,0 +1,39 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+import * as actionCrypto from "./actions/crypto";
+import * as actionOPConfiguration from "./actions/op-config";
+import * as actionSession from "./actions/session";
+import * as actionSignIn from "./actions/sign-in";
+import * as actionSignOut from "./actions/sign-out";
+import * as constantToken from "./constants/token";
+import * as constantUser from "./constants/user";
+/**
+ * Export Utils & Keys
+ */
+export declare const AuthenticateSessionUtil: typeof actionSession;
+export declare const AuthenticateCryptoUtil: typeof actionCrypto;
+export declare const OPConfigurationUtil: typeof actionOPConfiguration;
+export declare const SignInUtil: typeof actionSignIn;
+export declare const SignOutUtil: typeof actionSignOut;
+export declare const AuthenticateTokenKeys: typeof constantToken;
+export declare const AuthenticateUserKeys: typeof constantUser;
+/**
+ * Export models
+ */
+export * from "./models/oidc-request-params";
diff --git a/frontend/src/authentication/auth-module/index.js b/frontend/src/authentication/auth-module/index.js
new file mode 100644
index 0000000..c82a1ba
--- /dev/null
+++ b/frontend/src/authentication/auth-module/index.js
@@ -0,0 +1,36 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+import * as actionCrypto from "./actions/crypto";
+import * as actionOPConfiguration from "./actions/op-config";
+import * as actionSession from "./actions/session";
+import * as actionSignIn from "./actions/sign-in";
+import * as actionSignOut from "./actions/sign-out";
+import * as constantToken from "./constants/token";
+import * as constantUser from "./constants/user";
+/**
+ * Export Utils & Keys
+ */
+export const AuthenticateSessionUtil = actionSession;
+export const AuthenticateCryptoUtil = actionCrypto;
+export const OPConfigurationUtil = actionOPConfiguration;
+export const SignInUtil = actionSignIn;
+export const SignOutUtil = actionSignOut;
+export const AuthenticateTokenKeys = constantToken;
+export const AuthenticateUserKeys = constantUser;
+//# sourceMappingURL=index.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/index.js.map b/frontend/src/authentication/auth-module/index.js.map
new file mode 100644
index 0000000..fb541a4
--- /dev/null
+++ b/frontend/src/authentication/auth-module/index.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,YAAY,MAAM,kBAAkB,CAAC;AACjD,OAAO,KAAK,qBAAqB,MAAM,qBAAqB,CAAC;AAC7D,OAAO,KAAK,aAAa,MAAM,mBAAmB,CAAC;AACnD,OAAO,KAAK,YAAY,MAAM,mBAAmB,CAAC;AAClD,OAAO,KAAK,aAAa,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,aAAa,MAAM,mBAAmB,CAAC;AACnD,OAAO,KAAK,YAAY,MAAM,kBAAkB,CAAC;AAEjD;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,aAAa,CAAC;AACrD,MAAM,CAAC,MAAM,sBAAsB,GAAG,YAAY,CAAC;AACnD,MAAM,CAAC,MAAM,mBAAmB,GAAG,qBAAqB,CAAC;AACzD,MAAM,CAAC,MAAM,UAAU,GAAG,YAAY,CAAC;AACvC,MAAM,CAAC,MAAM,WAAW,GAAG,aAAa,CAAC;AACzC,MAAM,CAAC,MAAM,qBAAqB,GAAG,aAAa,CAAC;AACnD,MAAM,CAAC,MAAM,oBAAoB,GAAG,YAAY,CAAC"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/authenticated-user.d.ts b/frontend/src/authentication/auth-module/models/authenticated-user.d.ts
new file mode 100644
index 0000000..968618c
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/authenticated-user.d.ts
@@ -0,0 +1,25 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * Interface of the authenticated user.
+ */
+export interface AuthenticatedUserInterface {
+    displayName?: string;
+    email?: string;
+    username: string;
+}
diff --git a/frontend/src/authentication/auth-module/models/authenticated-user.js b/frontend/src/authentication/auth-module/models/authenticated-user.js
new file mode 100644
index 0000000..86e9d94
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/authenticated-user.js
@@ -0,0 +1,18 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+//# sourceMappingURL=authenticated-user.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/authenticated-user.js.map b/frontend/src/authentication/auth-module/models/authenticated-user.js.map
new file mode 100644
index 0000000..cbc90d3
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/authenticated-user.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"authenticated-user.js","sourceRoot":"","sources":["../../src/models/authenticated-user.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/crypto.d.ts b/frontend/src/authentication/auth-module/models/crypto.d.ts
new file mode 100644
index 0000000..8c5d170
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/crypto.d.ts
@@ -0,0 +1,28 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * JWK Model
+ */
+export interface JWKInterface {
+    kty: string;
+    e: string;
+    use: string;
+    kid: string;
+    alg: string;
+    n: string;
+}
diff --git a/frontend/src/authentication/auth-module/models/crypto.js b/frontend/src/authentication/auth-module/models/crypto.js
new file mode 100644
index 0000000..cfdbff6
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/crypto.js
@@ -0,0 +1,18 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+//# sourceMappingURL=crypto.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/crypto.js.map b/frontend/src/authentication/auth-module/models/crypto.js.map
new file mode 100644
index 0000000..9d8e67e
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/crypto.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/models/crypto.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/oidc-request-params.d.ts b/frontend/src/authentication/auth-module/models/oidc-request-params.d.ts
new file mode 100644
index 0000000..bfe39a1
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/oidc-request-params.d.ts
@@ -0,0 +1,45 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * OIDC request parameters.
+ */
+export interface OIDCRequestParamsInterface {
+    clientId: string;
+    clientHost: string;
+    clientSecret?: string;
+    enablePKCE: boolean;
+    prompt?: string;
+    redirectUri: string;
+    scope?: string[];
+    serverOrigin: string;
+}
+/**
+ * Interface for the account switch grant
+ * request parameters.
+ */
+export interface AccountSwitchRequestParams {
+    grant_type: string;
+    username: string;
+    "userstore-domain": string;
+    "tenant-domain": string;
+    token: string;
+    scope: string[];
+    client_id: string;
+    clientHost: string;
+    serverOrigin: string;
+}
diff --git a/frontend/src/authentication/auth-module/models/oidc-request-params.js b/frontend/src/authentication/auth-module/models/oidc-request-params.js
new file mode 100644
index 0000000..44ecdd5
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/oidc-request-params.js
@@ -0,0 +1,18 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+//# sourceMappingURL=oidc-request-params.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/oidc-request-params.js.map b/frontend/src/authentication/auth-module/models/oidc-request-params.js.map
new file mode 100644
index 0000000..ac0c96d
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/oidc-request-params.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"oidc-request-params.js","sourceRoot":"","sources":["../../src/models/oidc-request-params.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/session.d.ts b/frontend/src/authentication/auth-module/models/session.d.ts
new file mode 100644
index 0000000..33e0b7a
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/session.d.ts
@@ -0,0 +1,24 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import { AuthenticatedUserInterface } from "./authenticated-user";
+import { TokenResponseInterface } from "./token-response";
+/**
+ * Interface of the user session.
+ */
+export interface SessionInterface extends AuthenticatedUserInterface, TokenResponseInterface {
+}
diff --git a/frontend/src/authentication/auth-module/models/session.js b/frontend/src/authentication/auth-module/models/session.js
new file mode 100644
index 0000000..96857b7
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/session.js
@@ -0,0 +1,18 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+//# sourceMappingURL=session.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/session.js.map b/frontend/src/authentication/auth-module/models/session.js.map
new file mode 100644
index 0000000..d2da927
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/session.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/models/session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG"}
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/token-response.d.ts b/frontend/src/authentication/auth-module/models/token-response.d.ts
new file mode 100644
index 0000000..611cd00
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/token-response.d.ts
@@ -0,0 +1,35 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+/**
+ * Interface of the OAuth2/OIDC tokens.
+ */
+export interface TokenResponseInterface {
+    accessToken: string;
+    idToken: string;
+    expiresIn: string;
+    scope: string;
+    refreshToken: string;
+    tokenType: string;
+}
+export interface TokenRequestHeader {
+    headers: {
+        Accept: string;
+        "Access-Control-Allow-Origin": string;
+        "Content-Type": string;
+    };
+}
diff --git a/frontend/src/authentication/auth-module/models/token-response.js b/frontend/src/authentication/auth-module/models/token-response.js
new file mode 100644
index 0000000..f18bbf7
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/token-response.js
@@ -0,0 +1,18 @@
+/**
+ * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+//# sourceMappingURL=token-response.js.map
\ No newline at end of file
diff --git a/frontend/src/authentication/auth-module/models/token-response.js.map b/frontend/src/authentication/auth-module/models/token-response.js.map
new file mode 100644
index 0000000..422c29d
--- /dev/null
+++ b/frontend/src/authentication/auth-module/models/token-response.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"token-response.js","sourceRoot":"","sources":["../../src/models/token-response.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG"}
\ No newline at end of file
diff --git a/frontend/src/authentication/sign-in.js b/frontend/src/authentication/sign-in.js
new file mode 100644
index 0000000..2dc0700
--- /dev/null
+++ b/frontend/src/authentication/sign-in.js
@@ -0,0 +1,62 @@
+import { useEffect } from "react";
+import { useDispatch, useSelector } from "react-redux";
+import { handleSignIn } from "./state/authentications.actions";
+import { createBrowserHistory } from "history";
+import { IDENTITY_SERVER_URL } from "../config";
+import { AuthenticateSessionUtil } from "./auth-module";
+import { requestSignInSuccess } from "../shared/state/sharedActions";
+
+/**
+ * Error description when the user denies consent to the app
+ * @constant
+ * @type {string}
+ * @default
+ */
+export const USER_DENIED_CONSENT = "User denied the consent";
+
+/**
+ * This component handles the sign-in function
+ */
+export const SignIn = (props) => {
+    const dispatch = useDispatch();
+
+    const isAuth = useSelector((state) => state.authentication.isAuth);
+    const isSignedIn = useSelector((state) => state.shared.signedInUser.isSignedIn);
+
+    const error = new URLSearchParams(props.location.search).get("error_description");
+
+    const history = createBrowserHistory();
+
+    const getAuthenticationCallbackUrl = () => {
+        return window.sessionStorage.getItem("auth_callback_url");
+    };
+
+    const loginSuccessRedirect = () => {
+        const AuthenticationCallbackUrl = getAuthenticationCallbackUrl();
+        const location =
+            !AuthenticationCallbackUrl || AuthenticationCallbackUrl === `${IDENTITY_SERVER_URL}sign-in`
+                ? "/app/home"
+                : AuthenticationCallbackUrl;
+
+        history.push(location);
+    };
+
+    useEffect(() => {
+        if (!isAuth && !error) {
+            dispatch(handleSignIn());
+        } else if (error === USER_DENIED_CONSENT) {
+            dispatch(handleSignIn(true));
+        } else {
+            const userDetails = AuthenticateSessionUtil.getAllSessionParameters();
+            dispatch(requestSignInSuccess(userDetails));
+        }
+    }, [isAuth]);
+
+    useEffect(() => {
+        if (isSignedIn) {
+            loginSuccessRedirect();
+        }
+    }, [isSignedIn]);
+
+    return null;
+};
diff --git a/frontend/src/authentication/sign-out.js b/frontend/src/authentication/sign-out.js
new file mode 100644
index 0000000..9f88610
--- /dev/null
+++ b/frontend/src/authentication/sign-out.js
@@ -0,0 +1,19 @@
+import { useEffect } from "react";
+import { useDispatch, useSelector } from "react-redux";
+import { handleSignOut } from "./state/authentications.actions";
+
+/**
+ * This component handles the sign-out function
+ */
+export const SignOut = () => {
+    const dispatch = useDispatch();
+    const logoutInit = useSelector((state) => state.authenticationInformation.logoutInit);
+
+    useEffect(() => {
+        if (!logoutInit) {
+            dispatch(handleSignOut());
+        }
+    }, [ logoutInit ]);
+
+    return null;
+};
diff --git a/frontend/src/authentication/state/authentication.reducers.js b/frontend/src/authentication/state/authentication.reducers.js
new file mode 100644
index 0000000..a95c473
--- /dev/null
+++ b/frontend/src/authentication/state/authentication.reducers.js
@@ -0,0 +1,86 @@
+import { AuthenticateSessionUtil, AuthenticateTokenKeys, AuthenticateUserKeys } from "../auth-module";
+import { authenticateActionTypes } from "./types";
+
+/**
+ * Create an empty profile
+ */
+const createEmptyProfile = () => ({
+    associations: [],
+    email: "",
+    emails: [],
+    groups: [],
+    id: "",
+    isSecurity: false,
+    name: { givenName: "", familyName: "" },
+    organisation: "",
+    phoneNumbers: [],
+    profileUrl: "",
+    responseStatus: null,
+    roles: [],
+    userName: "",
+    userimage: ""
+});
+
+/**
+ * Initial authenticate state.
+ */
+const authenticateInitialState = {
+    displayName: "",
+    emails: "",
+    isAuth: false,
+    location: "/app/home",
+    loginInit: false,
+    logoutInit: false,
+    profileInfo: createEmptyProfile(),
+    profileSchemas: [],
+    username: ""
+};
+
+/**
+ * Reducer to handle the state of authentication related actions.
+ *
+ * @param state - Previous state
+ * @param action - Action type
+ * @returns The new state
+ */
+const authenticateReducer = (state = authenticateInitialState, action) => {
+    switch (action.type) {
+        case authenticateActionTypes.SET_SIGN_IN:
+            if (AuthenticateSessionUtil.getSessionParameter(AuthenticateTokenKeys.ACCESS_TOKEN)) {
+                return {
+                    ...state,
+                    displayName: AuthenticateSessionUtil.getSessionParameter(AuthenticateUserKeys.DISPLAY_NAME),
+                    emails: AuthenticateSessionUtil.getSessionParameter(AuthenticateUserKeys.EMAIL),
+                    isAuth: true,
+                    loginInit: true,
+                    logoutInit: false,
+                    username: AuthenticateSessionUtil.getSessionParameter(AuthenticateUserKeys.USERNAME)
+                };
+            }
+            break;
+        case authenticateActionTypes.SET_SIGN_OUT:
+            return {
+                ...state,
+                loginInit: false,
+                logoutInit: true
+            };
+        case authenticateActionTypes.RESET_AUTHENTICATION:
+            return {
+                ...authenticateInitialState
+            };
+        case authenticateActionTypes.SET_PROFILE_INFO:
+            return {
+                ...state,
+                profileInfo: action.payload
+            };
+        case authenticateActionTypes.SET_SCHEMAS:
+            return {
+                ...state,
+                profileSchemas: action.payload
+            };
+        default:
+            return state;
+    }
+};
+
+export { authenticateInitialState, authenticateReducer };
diff --git a/frontend/src/authentication/state/authentications.actions.js b/frontend/src/authentication/state/authentications.actions.js
new file mode 100644
index 0000000..0c761c1
--- /dev/null
+++ b/frontend/src/authentication/state/authentications.actions.js
@@ -0,0 +1,134 @@
+import { authenticateActionTypes } from "./types";
+import {
+    AuthenticateSessionUtil,
+    AuthenticateTokenKeys,
+    OPConfigurationUtil,
+    SignInUtil,
+    SignOutUtil
+} from "../auth-module/";
+import _ from "lodash";
+import store from "../../store/store";
+import { createBrowserHistory } from "history";
+import {IDENTITY_SERVER_URL, CLIENT_ID } from "../../config";
+import { signOut } from "../../shared/state/sharedActions";
+
+const history = createBrowserHistory();
+
+/**
+ * Dispatches an action of type `SET_SIGN_IN`.
+ */
+export const setSignIn = () => ({
+    type: authenticateActionTypes.SET_SIGN_IN
+});
+
+/**
+ * Dispatches an action of type `SET_SIGN_OUT`.
+ */
+export const setSignOut = () => ({
+    type: authenticateActionTypes.SET_SIGN_OUT
+});
+
+/**
+ * Dispatches an action of type `RESET_AUTHENTICATION`.
+ */
+export const resetAuthentication = () => ({
+    type: authenticateActionTypes.RESET_AUTHENTICATION
+});
+
+/**
+ * Handle user sign-out
+ */
+export const handleSignOut = () => (dispatch) => {
+    if (sessionStorage.length === 0) {
+        history.push(store.getState().config.deployment.appLoginPath);
+    } else {
+        SignOutUtil.sendSignOutRequest(store.getState().config.deployment.loginCallbackUrl, () => {
+            dispatch(setSignOut());
+            dispatch(signOut());
+            AuthenticateSessionUtil.endAuthenticatedSession();
+            OPConfigurationUtil.resetOPConfiguration();
+        }).catch(() => {
+            history.push(store.getState().config.deployment.appLoginPath);
+        });
+    }
+};
+
+/**
+ * Handle user sign-in
+ */
+export const handleSignIn = (consentDenied = false) => (dispatch) => {
+    const requestParams = {
+        clientHost: window.location.origin,
+        clientId: CLIENT_ID,
+        clientSecret: null,
+        enablePKCE: true,
+        redirectUri: `${window.location.origin}/sign-in`,
+        scope: ["admin"],
+        serverOrigin: IDENTITY_SERVER_URL,
+        tenant: "carbon.super"
+    };
+
+    const sendSignInRequest = () => {
+        if (consentDenied) {
+            requestParams.prompt = "login";
+        }
+
+        if (SignInUtil.hasAuthorizationCode()) {
+            SignInUtil.sendTokenRequest(requestParams)
+                .then((response) => {
+                    AuthenticateSessionUtil.initUserSession(
+                        response,
+                        SignInUtil.getAuthenticatedUser(response.idToken)
+                    );
+                    dispatch(setSignIn());
+                })
+                .catch((error) => {
+                    if (error.response.status === 400) {
+                        SignInUtil.sendAuthorizationRequest(requestParams);
+                    }
+
+                    throw error;
+                });
+        } else {
+            SignInUtil.sendAuthorizationRequest(requestParams);
+        }
+    };
+
+    if (AuthenticateSessionUtil.getSessionParameter(AuthenticateTokenKeys.ACCESS_TOKEN)) {
+        if (OPConfigurationUtil.isValidOPConfig(requestParams.tenant)) {
+            AuthenticateSessionUtil.endAuthenticatedSession();
+            OPConfigurationUtil.resetOPConfiguration();
+            handleSignOut();
+        }
+
+        dispatch(setSignIn());
+    } else {
+        OPConfigurationUtil.initOPConfiguration(
+            `${IDENTITY_SERVER_URL}/oauth2/oidcdiscovery/.well-known/openid-configuration`,
+            false
+        )
+            .then(() => {
+                sendSignInRequest();
+            })
+            .catch(() => {
+                OPConfigurationUtil.setAuthorizeEndpoint(`${IDENTITY_SERVER_URL}oauth2/authorize`);
+                OPConfigurationUtil.setTokenEndpoint(`${IDENTITY_SERVER_URL}oauth2/token`);
+                OPConfigurationUtil.setRevokeTokenEndpoint(`${IDENTITY_SERVER_URL}oauth2/revoke`);
+                OPConfigurationUtil.setEndSessionEndpoint(`${IDENTITY_SERVER_URL}/oidc/logout`);
+                OPConfigurationUtil.setJwksUri(`${IDENTITY_SERVER_URL}oauth2/jwks`);
+                OPConfigurationUtil.setIssuer(`${IDENTITY_SERVER_URL}oauth2/token`);
+                OPConfigurationUtil.setOPConfigInitiated();
+
+                sendSignInRequest();
+            });
+    }
+};
+
+/**
+ * Update sessionStorage with location history path
+ *
+ * @param {string} location - history path.
+ */
+export const updateAuthenticationCallbackUrl = (location) => {
+    window.sessionStorage.setItem("auth_callback_url", location);
+};
diff --git a/frontend/src/authentication/state/types/authentications.js b/frontend/src/authentication/state/types/authentications.js
new file mode 100644
index 0000000..fb8becc
--- /dev/null
+++ b/frontend/src/authentication/state/types/authentications.js
@@ -0,0 +1,64 @@
+/**
+ * Copyright (c) 2020, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Action type to handle the sign in requests
+ *
+ * @type {string}
+ */
+const SET_SIGN_IN = "SET_SIGN_IN";
+
+/**
+ * Action type to handle the sign out requests
+ *
+ * @type {string}
+ */
+const SET_SIGN_OUT = "SET_SIGN_OUT";
+
+/**
+ * Action type to handle the reset authentication requests
+ *
+ * @type {string}
+ */
+const RESET_AUTHENTICATION = "RESET_AUTHENTICATION";
+
+/**
+ * Action type to set the profile info
+ *
+ * @type {string}
+ */
+const SET_PROFILE_INFO = "SET_PROFILE_INFO";
+
+/**
+ * Action type to set the schemas
+ * @type {string}
+ */
+const SET_SCHEMAS = "SET_SCHEMAS";
+
+/**
+ * Export action types
+ *
+ * @type {object}
+ */
+export const authenticateActionTypes = {
+    RESET_AUTHENTICATION,
+    SET_PROFILE_INFO,
+    SET_SCHEMAS,
+    SET_SIGN_IN,
+    SET_SIGN_OUT
+};
diff --git a/frontend/src/authentication/state/types/index.js b/frontend/src/authentication/state/types/index.js
new file mode 100644
index 0000000..9753a5f
--- /dev/null
+++ b/frontend/src/authentication/state/types/index.js
@@ -0,0 +1 @@
+export * from "./authentications";
diff --git a/frontend/src/config.js b/frontend/src/config.js
index e3dcf60..43eb6cb 100644
--- a/frontend/src/config.js
+++ b/frontend/src/config.js
@@ -1,9 +1,13 @@
 let API_BASE_URL = "http://localhost:8000";
 let WEB_SOCKET_BASE_URL = "ws://127.0.0.1:8000"
+let IDENTITY_SERVER_URL = "https://localhost:9443/";
+let CLIENT_ID = "zaD9TmFtlFCVWkH4ny9uE6IVpQYa";
 
 if (process.env.NODE_ENV === "production"){
-    API_BASE_URL = process.env.REACT_APP_API_BASE_URL
-    WEB_SOCKET_BASE_URL = process.env.REACT_APP_WEB_SOCKET_BASE_URL;;
+    API_BASE_URL = process.env.REACT_APP_API_BASE_URL;
+    WEB_SOCKET_BASE_URL = process.env.REACT_APP_WEB_SOCKET_BASE_URL;
+    IDENTITY_SERVER_URL = process.env.IDENTITY_SERVER_URL;
+    CLIENT_ID = process.env.CLIENT_ID;
 }
 
-export { API_BASE_URL, WEB_SOCKET_BASE_URL };
+export { API_BASE_URL, WEB_SOCKET_BASE_URL,IDENTITY_SERVER_URL, CLIENT_ID };
diff --git a/frontend/src/routes/MainRouter.js b/frontend/src/routes/MainRouter.js
index 66611f0..6c2ecab 100644
--- a/frontend/src/routes/MainRouter.js
+++ b/frontend/src/routes/MainRouter.js
@@ -11,6 +11,7 @@ import IncidentFormInternal from "../incident-filing/components/IncidentFormInte
 import { ReportList, ReportViewer } from "../reporting";
 
 import SignInPage from "../app/SignInPage";
+import {SignIn } from "../authentication/sign-in";
 import PrivateRoute from "./PrivateRoute";
 
 import ReviewComplaintsListView from '../ongoing-incidents/components/ReviewComplaintsListView';
diff --git a/frontend/src/store/store.js b/frontend/src/store/store.js
index 0148516..f0a3e9a 100644
--- a/frontend/src/store/store.js
+++ b/frontend/src/store/store.js
@@ -8,6 +8,7 @@ import modalReducer from '../modals/state/modal.reducers';
 import { notificationReducer } 
         from '../notifications/state/notifications.reducers';
 
+import { authenticateReducer} from "../authentication/state/authentication.reducers";
 //new incidents reducer
 import incidentReducer from '../incident/state/incidentReducer';
 import guestViewReducer from '../guest-view/state/guestViewReducer';
@@ -25,7 +26,8 @@ const reducer = combineReducers({
     guestView: guestViewReducer,
     user: userReducer,
     loading: loadingReducer,
-    event: eventReducer
+    event: eventReducer,
+    authentication: authenticateReducer
 })
 
 const store = createStore(