diff --git a/NEWS.md b/NEWS.md
index 39b4c97..f12ceaf 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -1,3 +1,13 @@
+## [v1.0.8](https://gitlab.com/html-validate/html-validate/compare/v1.0.8) (2023-07-13)
+
+
+### :sparkle: Features :sparkle:
+-  [US00022](https://rally1.rallydev.com/#/search?keywords=US00022)  Add Auth controller. ([96035e15e097289](https://github.com/vijay-eis/mod-spring-sample/commit/96035e15e097289))
+
+
+### :lady_beetle: Fixes :lady_beetle:
+-  Incorrect response message ([3fefbc68d5f9d19](https://github.com/vijay-eis/mod-spring-sample/commit/3fefbc68d5f9d19))
+
 ## [v1.0.7](https://gitlab.com/html-validate/html-validate/compare/v1.0.7) (2023-03-03)
 
 ### :stop_sign: Breaking changes :stop_sign:
diff --git a/pom.xml b/pom.xml
index 19c8160..2191b7f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
     </parent>
     <groupId>com.vijay</groupId>
     <artifactId>mod-spring-sample</artifactId>
-    <version>1.0.7</version>
+    <version>1.0.8</version>
     <name>mod-spring-sample</name>
     <description>mod-spring-sample</description>
     <properties>
diff --git a/src/main/java/com/vijay/spring/controller/AuthController.java b/src/main/java/com/vijay/spring/controller/AuthController.java
new file mode 100644
index 0000000..3262de1
--- /dev/null
+++ b/src/main/java/com/vijay/spring/controller/AuthController.java
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package com.vijay.spring.controller;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.log4j.Log4j2;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@Log4j2
+public class AuthController {
+    @GetMapping("/auth/signin")
+    @ResponseBody
+    public ResponseEntity<?> signIn(@RequestParam String credentials, HttpServletResponse response) {
+        log.info("Signing in..");
+        Cookie cookie = new Cookie("token", "A1B2C3D4E5F6G7H8");
+        cookie.setHttpOnly(true);
+        response.addCookie(cookie);
+        return new ResponseEntity<>("LOGINOK",HttpStatus.OK);
+    }
+
+    @GetMapping("/auth/logout")
+    @ResponseBody
+    public ResponseEntity<?> logout(HttpServletResponse response) {
+        log.info("logging out..");
+        Cookie cookie = new Cookie("token", "");
+        cookie.setHttpOnly(true);
+        cookie.setMaxAge(0);
+        response.addCookie(cookie);
+        return new ResponseEntity<>(HttpStatus.OK);
+    }
+
+    @GetMapping("/auth/profile")
+    @ResponseBody
+    public ResponseEntity<?> getProfile(@CookieValue(name = "token") String token) {
+        log.info("Get token..");
+        return new ResponseEntity<>(token,HttpStatus.OK);
+    }
+}