Refactor user session handling and permissions management

- Updated session variables to use 'authorization' array instead of 'username' for user identification across multiple files. - Introduced a new function `getUserPermissions` to consolidate user permissions retrieval based on assigned roles. - Modified API calls to use the new authorization structure and updated endpoints to v2. - Enhanced language support by adding 'PL' to the list of supported languages. - Cleaned up redundant code and improved session management during user login and registration processes. - Added a new API endpoint for fetching user permissions based on user ID.
2026-01-19 15:29:16 +01:00
parent 782050c3ca
commit 24481279d5
99 changed files with 683 additions and 539 deletions
--- a/access_element.php
+++ b/access_element.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -14,16 +14,16 @@ include_once './settings/settings_redirector.php';
 $_SESSION['prev_origin_access_element'] = $_SERVER['REQUEST_URI'];
 $page = 'access_element';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'access_element_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
--- a/access_element_manage.php
+++ b/access_element_manage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -12,14 +12,14 @@ include_once './settings/settings_redirector.php';

 $page = 'access_element_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input values
 $element = [
@@ -30,7 +30,7 @@ $element = [
    'description' => '',
    'is_active' => 1,
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
    'updatedby' => ''
 ];
--- a/access_elements.php
+++ b/access_elements.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -17,15 +17,15 @@ $page = $_SESSION['origin'] = 'access_elements';
 $back_btn_orgin = ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'access_element_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Function to scan project for new PHP files and add to access_elements
 function scan_and_update_access_elements() {
--- a/account.php
+++ b/account.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];
 $page = $_SESSION['origin'] = 'account';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$healthindex_allowed = isAllowed('report_healthindex' ,$_SESSION['profile'],$_SESSION['permission'],'R');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$healthindex_allowed = isAllowed('report_healthindex' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
@@ -239,13 +239,13 @@ $soldto_id = explode("-",$account_hierarchy->soldto) ?? '';

 //DISPLAY RELATED COMMUNICATION RECORDS
 $view_communication = '';
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view_communication = ' <a href="index.php?page=communications&partnerid='.$soldto_id[0].'" class="btn">'.$button_partner_assigned_communication.'</a>';
 }

 //DISPLAY RELATED USERS
 $view_users ='';
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view_users = ' <a href="index.php?page=users&partnerid='.$soldto_id[0].'" class="btn">'.$button_partner_assigned_users.'</a>';
 }

--- a/account_manage.php
+++ b/account_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'account';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $account = [
@@ -43,7 +43,7 @@ $account = [
        'loghandleraccount' => ''
    ],
    'created' => $date,
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'accounthierarchy' => [
        'salesid' => '',
        'soldto' => ''
@@ -271,8 +271,8 @@ $view .= '<div class="tabs">

 //Dropdown

-$partner_data = json_decode($_SESSION['partnerhierarchy']);
-$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$accounthierarchy->soldto,'');
+$partner_data = json_decode($_SESSION['authorization']['partnerhierarchy']);
+$soldto_dropdown = listPartner('soldto',$_SESSION['authorization']['permission'],$accounthierarchy->soldto,'');

 $view .= '<div class="tabs">
            <a href="#">'.$tab3.'</a>
--- a/accounts.php
+++ b/accounts.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $_SESSION['prev_origin'] = '';
 $page = 'accounts';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'account_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/api/v2/get/user_permissions.php
+++ b/api/v2/get/user_permissions.php
@@ -0,0 +1,70 @@
+<?php
+defined($security_key) or exit;
+
+//------------------------------------------
+// User Role Assignments
+//------------------------------------------
+//Connect to DB
+$pdo = dbConnect($dbname);
+
+//------------------------------------------
+//NEW ARRAY
+//------------------------------------------
+$criterias = [];
+$user_permissions = [];
+
+//------------------------------------------
+//Check for $_GET variables and build up clause
+//------------------------------------------
+if(isset($get_content) && $get_content!=''){
+    //GET VARIABLES FROM URL
+    $requests = explode("&", $get_content);
+    //Check for keys and values
+    foreach ($requests as $y){
+        $v = explode("=", $y);
+        //INCLUDE VARIABLES IN ARRAY
+        $criterias[$v[0]] = $v[1];
+    }
+}
+
+$user_key = $criterias['userkey'] ?? null;
+
+if (!$user_key) {
+    http_response_code(400);
+    exit(json_encode(['error_code' => 'API_INPUT_1','error' => 'user_key is required']));
+}
+
+//GET USER_DATA
+$stmt = $pdo->prepare('SELECT * FROM users WHERE userkey = ?');
+$stmt->execute([$user_key]);
+
+if ($stmt->rowCount() == 1) {
+    //Get results
+    $user_data = $stmt->fetch();
+
+    //GET DATA
+    $user_permissions['id'] = $user_data['id'];
+    $user_permissions['email'] = $user_data['email'];
+    $user_permissions['partnerhierarchy'] = $user_data['partnerhierarchy']; //clean;
+    $user_permissions['permission'] = userRights($user_data['view']);
+    $user_permissions['profile'] = getProfile($user_data['settings'],userRights($user_data['view']));
+
+    //NEW DATA REPLACING PROFILE AND LATER PERMISSION ABOVE
+    $user_permissions['permissions'] = getUserPermissions($pdo, $user_data['id']);
+
+    if (!$user_permissions['permissions']) {
+        http_response_code(404);
+        exit(json_encode(['error_code' => 'API_NOT_FOUND','error' => 'No permissions found']));
+    }
+
+    //+++++++++++++++++++++++++++++++++++++++++++
+    //Return as JSON
+    //+++++++++++++++++++++++++++++++++++++++++++
+    echo json_encode($user_permissions);
+}
+else {
+    http_response_code(404);
+    exit(json_encode(['error_code' => 'API_NOT_FOUND','error' => 'User not found']));
+}
+
+?>
--- a/assets/functions.php
+++ b/assets/functions.php
@@ -304,7 +304,7 @@ function menu($selected,$selected_child){
  $menu = '';

  //filter the main_menu array based on profile
-  $filteredMenu = filterMenuByProfile($main_menu, $_SESSION['profile']);
+  $filteredMenu = filterMenuByProfile($main_menu, $_SESSION['authorization']['profile']);

  foreach ($filteredMenu  as $menu_item){
      //Main Item
@@ -340,12 +340,12 @@ function template_header($title, $selected = 'assets', $selected_child = 'view')
  $domain = getDomainName($_SERVER['SERVER_NAME']);
  $custom_css = (file_exists(dirname(__FILE__,2).'/custom/'.$domain.'/style/'.$domain.'.css') ? './custom/'.$domain.'/style/'.$domain.'.css' : './style/admin.css');
  
-  $user = ucfirst($_SESSION['username']);
+  $user = ucfirst($_SESSION['authorization']['clientID']);
  if (filter_var($user, FILTER_VALIDATE_EMAIL)){
    $user = substr($user, 0, strpos($user, "@"));
  }

-  if (isset($_SESSION['id'])){$id = $_SESSION['id'];} else{$id='';}
+  if (isset($_SESSION['authorization']['id'])){$id = $_SESSION['authorization']['id'];} else{$id='';}

  if(isset($_SESSION['country_code'])){
    $api_file_language = dirname(__FILE__,2).'/settings/translations/translations_'.strtoupper($_SESSION['country_code']).'.php';
@@ -520,8 +520,8 @@ EOT;
 //------------------------------------------
 function template_footer($js_script = '') {
        $js_script = $js_script ? '<script>' . $js_script . '</script>' : '';
-        $lancode = $_SESSION['language'] ?? 'US';
-        $user_mail = $_SESSION['email'] ?? '';
+        $lancode = $_SESSION['authorization']['language'] ?? 'US';
+        $user_mail = $_SESSION['authorization']['email'] ?? '';
        $veliti_cim = '';
        if (veliti_cim){
          $veliti_cim = '
@@ -1239,7 +1239,7 @@ function ioServer($api_call, $data){
        debuglog($date." - ioServer incoming call: api_call=$api_call, data=" . $data_log);
    }
  
-    $token = $_SESSION['userkey'] ?? 'authorization_request';
+    $token = $_SESSION['authorization']['userkey'] ?? 'authorization_request';
    $bearertoken = createCommunicationToken($token);
        
    $url = $baseurl.$api_call;
@@ -1541,18 +1541,16 @@ function getProfile($profile, $permission){
  //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  function isAllowed($page,$profile,$permission,$action){    
    
-    //++++++++++++++++
-    //OVERRIDE
-    //++++++++++++++++
-    return 1;
-    //++++++++++++++++
-
+   //override for testing only
+   return 1;
+    
    //Include settingsa
    include dirname(__FILE__,2).'/settings/settings_redirector.php';

    // Always allowed collections: [collection => allowed_actions_string]
    $always_allowed = [
        'com_log' => 'U',
+        'user_permissions' => 'R',
        'software_update' => 'R',
        'software_download' => 'R',
        'software_available' => 'R',
@@ -2690,7 +2688,7 @@ function listPartner($partnertype, $user_right, $input, $required)
 //BASED ON USERRIGHT DEFINE SQL AND DATA RETURNED
 if ($user_right != 3 || $user_right !=4) {
    //NOT ADMIN USER
-    $partner = json_decode($_SESSION['partnerhierarchy']);
+    $partner = json_decode($_SESSION['authorization']['partnerhierarchy']);
    //SoldTo is empty
    if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
    //BUILD CONDITION
@@ -2738,7 +2736,7 @@ function listAccounts($type, $user_right, $input)
 //BASED ON USERRIGHT DEFINE SQL AND DATA RETURNED
 if ($user_right != 3 || $user_right !=4) {
    //NOT ADMIN USER
-    $partner = json_decode($_SESSION['partnerhierarchy']);
+    $partner = json_decode($_SESSION['authorization']['partnerhierarchy']);
    //SoldTo is empty
    if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} else {$soldto_search = '-%';}
    //BUILD CONDITION
@@ -5661,4 +5659,77 @@ function generateCountriesFile($token){
    }

    return false;
+}
+
+/**
+ * Get combined user permissions based on all assigned roles
+ *
+ * This function retrieves all role assignments for a user and combines permissions
+ * from multiple roles. If the same access_element appears in multiple roles,
+ * permissions are merged (OR operation) so the user gets the union of all permissions.
+ *
+ * For example:
+ * - Role A: access_element 'assets' with C=1, U=1, D=0
+ * - Role B: access_element 'assets' with C=0, U=0, D=1
+ * - Result: access_element 'assets' with C=1, U=1, D=1
+ *
+ * @param PDO $pdo Database connection
+ * @param int $user_id The user ID to get permissions for
+ * @return array Associative array of permissions indexed by access_element path
+ *               Each element contains: [path, name, group, can_create, can_read, can_update, can_delete]
+ */
+function getUserPermissions($pdo, $user_id) {
+    // Get all active role assignments for the user with their permissions
+    $sql = "SELECT
+                ae.access_path,
+                ae.access_name,
+                ae.access_group,
+                rap.can_create,
+                rap.can_read,
+                rap.can_update,
+                rap.can_delete
+            FROM user_role_assignments ura
+            INNER JOIN user_roles ur ON ura.role_id = ur.rowID
+            INNER JOIN role_access_permissions rap ON ur.rowID = rap.role_id
+            INNER JOIN access_elements ae ON rap.access_id = ae.rowID
+            WHERE ura.user_id = :user_id
+                AND ura.is_active = 1
+                AND ur.is_active = 1
+                AND ae.is_active = 1
+                AND (ura.expires_at IS NULL OR ura.expires_at > NOW())
+            ORDER BY ae.access_path";
+
+    $stmt = $pdo->prepare($sql);
+    $stmt->bindParam(':user_id', $user_id, PDO::PARAM_INT);
+    $stmt->execute();
+    $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // Combine permissions for duplicate access elements
+    $combined_permissions = [];
+
+    foreach ($results as $row) {
+        $path = $row['access_path'];
+
+        if (!isset($combined_permissions[$path])) {
+            // First time seeing this access element
+            $combined_permissions[$path] = [
+                'path' => $row['access_path'],
+                'name' => $row['access_name'],
+                'group' => $row['access_group'],
+                'can_create' => (int)$row['can_create'],
+                'can_read' => (int)$row['can_read'],
+                'can_update' => (int)$row['can_update'],
+                'can_delete' => (int)$row['can_delete']
+            ];
+        } else {
+            // Access element already exists, combine permissions (OR operation)
+            // If any role grants a permission, the user has that permission
+            $combined_permissions[$path]['can_create'] = max($combined_permissions[$path]['can_create'], (int)$row['can_create']);
+            $combined_permissions[$path]['can_read'] = max($combined_permissions[$path]['can_read'], (int)$row['can_read']);
+            $combined_permissions[$path]['can_update'] = max($combined_permissions[$path]['can_update'], (int)$row['can_update']);
+            $combined_permissions[$path]['can_delete'] = max($combined_permissions[$path]['can_delete'], (int)$row['can_delete']);
+        }
+    }
+
+    return $combined_permissions;
 }
--- a/buildtool.php
+++ b/buildtool.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -12,11 +12,11 @@ include_once './settings/settings_redirector.php';

 $page = 'buildtool';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
-$bearertoken = createCommunicationToken($_SESSION['userkey']);
+$bearertoken = createCommunicationToken($_SESSION['authorization']['userkey']);

 //GET PRODUCTS FROM DB
 $pdo = dbConnect($dbname);
--- a/cartest.php
+++ b/cartest.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -13,14 +13,14 @@ include_once './settings/systemcartest.php';

 $page = 'cartest';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //CALL TO API FOR cartest
 $api_url = '/v1/cartests/rowID='.$_GET['rowID'];
--- a/cartest_manage.php
+++ b/cartest_manage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -13,16 +13,16 @@ include_once './settings/systemcartest.php';

 $page = 'cartest_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

-$bearertoken = createCommunicationToken($_SESSION['userkey']);
+$bearertoken = createCommunicationToken($_SESSION['authorization']['userkey']);

 $rowID = $_GET['rowID'] ?? '';

@@ -40,7 +40,7 @@ $cartest = [
    'header' => [
        'CarVIN' => '',
        'year' => '',
-        'NameTester'=> $_SESSION['username'],
+        'NameTester'=> $_SESSION['authorization']['clientID'],
        'SN' =>'',
        'HW' =>'',
        'FW' =>''
--- a/cartests.php
+++ b/cartests.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -11,14 +11,14 @@ include_once './settings/settings_redirector.php';

 $page = 'cartests';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 //GET PARAMETERS
@@ -112,7 +112,7 @@ $view .= '
                <a class="btn alt" href="index.php?page=cartests">'.$general_filters_clear.'</a>';
                
 //SHOW DOWNLOAD TO EXCELL OPTION ONLY TO ADMIN USERS
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<a class="btn alt" href="index.php?page=cartests&download=">
                <i class="fa-solid fa-download"></i> Download
              </a>';
--- a/catalog.php
+++ b/catalog.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'catalog';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/categories.php
+++ b/categories.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'categories';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/category.php
+++ b/category.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'category';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $category = [
    'rowID' => '',
--- a/communication.php
+++ b/communication.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'communication';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input communication values
 $communication = [
--- a/communication_send.php
+++ b/communication_send.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'communication_send';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $url = 'index.php?page=communications';

--- a/communications.php
+++ b/communications.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -19,15 +19,15 @@ $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt


 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'communication';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
@@ -83,7 +83,7 @@ if ($create_allowed === 1){
    $view .= '<a href="index.php?page=communication" class="btn">'.$button_create_communication.'</a>';
 }

-if (isAllowed('communication_send',$_SESSION['profile'],$_SESSION['permission'],'U') === 1){
+if (isAllowed('communication_send',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U') === 1){
    $view .= '<a href="index.php?page=communication_send" class="btn red mar-right-2">'.$button_create_communication_send.'</a>';
 }

--- a/contract.php
+++ b/contract.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -17,7 +17,7 @@ $page = 'contract';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -27,11 +27,11 @@ $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;

 //PAGE Security
 $page_manage = 'contract_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$view_equipment =  isAllowed('equipment' ,$_SESSION['profile'],$_SESSION['permission'],'R');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$view_equipment =  isAllowed('equipment' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
--- a/contract_manage.php
+++ b/contract_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'contract_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $contract = [
@@ -31,7 +31,7 @@ $contract = [
    'reference' => '',
    'servicetool' => [],
    'assigned_users' => [],
-    'accounthierarchy' => $_SESSION['partnerhierarchy'],
+    'accounthierarchy' => $_SESSION['authorization']['partnerhierarchy'],
    'ignore_list' => []
 ];

@@ -248,10 +248,10 @@ $view .='   </div>
 $partner_data = json_decode($contract['accounthierarchy']);

 //BUID UP DROPDOWNS
-$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner_data->salesid,'');
-$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$partner_data->soldto,'');
-$shipto_dropdown = listPartner('shipto',$_SESSION['permission'],$partner_data->shipto,'');
-$location_dropdown = listPartner('location',$_SESSION['permission'],$partner_data->location,'');
+$salesid_dropdown = listPartner('salesid',$_SESSION['authorization']['permission'],$partner_data->salesid,'');
+$soldto_dropdown = listPartner('soldto',$_SESSION['authorization']['permission'],$partner_data->soldto,'');
+$shipto_dropdown = listPartner('shipto',$_SESSION['authorization']['permission'],$partner_data->shipto,'');
+$location_dropdown = listPartner('location',$_SESSION['authorization']['permission'],$partner_data->location,'');

 //DISPLAY
 $view .= '<div class="tabs">
--- a/contracts.php
+++ b/contracts.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -18,15 +18,15 @@ $prev_page = ($_SESSION['origin'] == 'equipments') ? $_SESSION['prev_origin_equi
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'contract_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //Close Contracts when end_date expired
 closeContract();
--- a/cronjob.php
+++ b/cronjob.php
@@ -5,7 +5,7 @@ include_once './assets/functions.php';
 include_once './settings/settings_redirector.php';
 include_once './settings/config_redirector.php';

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
  ini_set('display_errors', '1');
  ini_set('display_startup_errors', '1');
  error_reporting(E_ALL);  
@@ -62,12 +62,10 @@ foreach ($communications as $communication){
 $token ='';

 $data = json_encode(array("username" => interface_user, "password" => interface_pw), JSON_UNESCAPED_UNICODE);
-//Secure data
-$payload = generate_payload($data);
 //API call
-$responses = ioServer('/v1/authorization', $payload);
+$responses = ioServer('/v2/authorization', $data);
 //Decode Payload
-if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}
+if (!empty($responses)){$responses = json_decode($responses);}else{$responses = '400';}

 if ($responses === 'NOK' || $responses === '400'){
  //Not allowed
--- a/custom/bewellwell/settings/settingsmenu.php
+++ b/custom/bewellwell/settings/settingsmenu.php
@@ -327,7 +327,7 @@ $page_rows_software_versions = 50; //software versions
 //------------------------------------------
 // Languages supported
 //------------------------------------------
-$supportedLanguages = ['US', 'NL', 'DE', 'ES','PT']; 
+$supportedLanguages = ['US', 'NL', 'DE', 'ES','PL','PT']; 

 //------------------------------------------
 // Pricing
--- a/dashboard.php
+++ b/dashboard.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -11,7 +11,7 @@ include_once './assets/functions.php';
 include_once './settings/settings_redirector.php';

 //Check if allowed
-if (isAllowed('dashboard',$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed('dashboard',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/dealer.php
+++ b/dealer.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $_SESSION['prev_origin_dealer'] = $_SERVER['REQUEST_URI'];
 $page = 'dealer';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'dealer_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
--- a/dealer_manage.php
+++ b/dealer_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'dealer_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 if (isset($_GET['rowID']) && $_GET['rowID'] !=''){
@@ -60,7 +60,7 @@ $responses = [
    'dealer_media' => '',
    'full_path' =>'',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
    'updatedby' => ''
 ];
--- a/dealers.php
+++ b/dealers.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'dealers';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/discount.php
+++ b/discount.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'discount';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $discount = [
    'id' =>'',
--- a/discounts.php
+++ b/discounts.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'discounts';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/equipment.php
+++ b/equipment.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -14,19 +14,19 @@ include_once './settings/settings_redirector.php';
 $_SESSION['prev_origin_equipment'] = $_SERVER['REQUEST_URI'];
 $page = 'equipment';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'equipment_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$view_product =  isAllowed('product' ,$_SESSION['profile'],$_SESSION['permission'],'R');
-$view_history =  isAllowed('history' ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$view_contracts =  isAllowed('contracts' ,$_SESSION['profile'],$_SESSION['permission'],'R');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$view_product =  isAllowed('product' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');
+$view_history =  isAllowed('history' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$view_contracts =  isAllowed('contracts' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
@@ -108,7 +108,7 @@ if (!empty($responses->sw_version_upgrade) && isset($products_software) && $prod
 }

 //Calculate Healthindex based on last test
-$total_score = assetHealthIndex($_SESSION['profile'],$_SESSION['permission'],$equipment_data,0);
+$total_score = assetHealthIndex($_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],$equipment_data,0);

 //GetPartnerDetails
 $partner_data = json_decode($responses->accounthierarchy);
@@ -163,7 +163,7 @@ $view = '
 //------------------------------------
 //CHECK IF USER IS ALSO CREATOR OF RECORD THEN OVERRIDE UPDATE_ALLOWED_EDIT
 //------------------------------------
-$equipment_owner = (($responses->createdby == $_SESSION['username'])? 1 : 0);
+$equipment_owner = (($responses->createdby == $_SESSION['authorization']['clientID'])? 1 : 0);
 //------------------------------------
 //
 //------------------------------------
@@ -369,7 +369,7 @@ if (!empty($responses->geolocation) || $responses->geolocation != ''){
 }

 //Get all related service events
-if (isAllowed('servicereports',$_SESSION['profile'],$_SESSION['permission'],'R') === 1){
+if (isAllowed('servicereports',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 1){
 $service_events = serviceEvents($history,$page);

 $view .= '<div class="content-block">
@@ -382,7 +382,7 @@ $view .= '<div class="content-block">
 }

 //Show equipment_data when available and allowed
-if (isAllowed('equipment_data',$_SESSION['profile'],$_SESSION['permission'],'R') === 1 && !empty($equipment_data)){
+if (isAllowed('equipment_data',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 1 && !empty($equipment_data)){
 $view .= '<div class="content-block">
        <div class="block-header">
            <i class="fa-solid fa-bars fa-sm"></i>'.($view_asset_data_text ?? '').'
@@ -455,13 +455,13 @@ $shipto_id = explode("-",$partner_data->shipto) ?? '';
 $partner_users_id = ($shipto_id[0] != '')? $shipto_id[0] : (($soldto_id[0] != '')? $soldto_id[0] : 1);

 $view_communication = '';
-if ($partner_users_id != 1 && ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4)){
+if ($partner_users_id != 1 && ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4)){
    $view_communication = ' <a href="index.php?page=communications&partnerid='.$partner_users_id.'" class="btn">'.$button_partner_assigned_communication.'</a>';
 }

 //DISPLAY RELATED USERS
 $view_users ='';
-if ($partner_users_id != 1 && ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4)){
+if ($partner_users_id != 1 && ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4)){
    $view_users = ' <a href="index.php?page=users&partnerid='.$partner_users_id.'" class="btn">'.$button_partner_assigned_users.'</a>';
 }

--- a/equipment_data.php
+++ b/equipment_data.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'equipment_data';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $equipment_data = [
@@ -18,7 +18,7 @@ $equipment_data = [
    'equipmentid' => '',
    'historyid' => '',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'measurement' => ''
 ];

--- a/equipment_manage.php
+++ b/equipment_manage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -10,24 +10,24 @@ if (debug && debug_id == $_SESSION['id']){
 $page = 'equipment_manage';
 $page_edit = 'equipment_manage_edit';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$update_allowed_special = isAllowed($page_edit ,$_SESSION['profile'],$_SESSION['permission'],'U');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$update_allowed_special = isAllowed($page_edit ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');

 // Default input product values
 $equipment = [
    'rowID' => '',
    'productrowid' => '',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'status' => 1,
-    'accounthierarchy' => $_SESSION['partnerhierarchy'],
+    'accounthierarchy' => $_SESSION['authorization']['partnerhierarchy'],
    'serialnumber' => '',
    'hw_version' => '',
    'sw_version' => '',
@@ -77,7 +77,7 @@ if (isset($_GET['equipmentID'])) {
    //------------------------------------
    //CHECK IF USER IS ALSO CREATOR OF RECORD THEN OVERRIDE UPDATE_ALLOWED
    //------------------------------------
-    $equipment_owner = (($equipment['createdby'] == $_SESSION['username'])? 1 : 0);
+    $equipment_owner = (($equipment['createdby'] == $_SESSION['authorization']['clientID'])? 1 : 0);
    
    if ($update_allowed === 1 || $equipment_owner === 1 || $update_allowed_special === 1){
        if (isset($_POST['submit'])) {
@@ -216,10 +216,10 @@ $view .= '<div class="tabs">
 //GET PARTNERDATA
 $partner_data = json_decode($equipment['accounthierarchy']);
 //BUID UP DROPDOWNS
-$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner_data->salesid,'');
-$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$partner_data->soldto,'');
-$shipto_dropdown = listPartner('shipto',$_SESSION['permission'],$partner_data->shipto,'');
-$location_dropdown = listPartner('location',$_SESSION['permission'],$partner_data->location,'');
+$salesid_dropdown = listPartner('salesid',$_SESSION['authorization']['permission'],$partner_data->salesid,'');
+$soldto_dropdown = listPartner('soldto',$_SESSION['authorization']['permission'],$partner_data->soldto,'');
+$shipto_dropdown = listPartner('shipto',$_SESSION['authorization']['permission'],$partner_data->shipto,'');
+$location_dropdown = listPartner('location',$_SESSION['authorization']['permission'],$partner_data->location,'');
 if (isset($partner_data->section)){$section = getPartnerName($partner_data->section) ?? 'Not specified';} else {$section = 'Not specified';}


--- a/equipments.php
+++ b/equipments.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -17,15 +17,15 @@ $page = $_SESSION['origin'] = 'equipments';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'equipment_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS && STORE in SESSION for FURTHER USE/NAVIGATION
 $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;
@@ -192,7 +192,7 @@ $view .= '
                <a class="btn alt" href="index.php?page=equipments">X</a>';
                
 //SHOW DOWNLOAD TO EXCELL OPTION ONLY TO ADMIN USERS
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<a class="btn alt" href="index.php?page=equipments&download=">
                <i class="fa-solid fa-download"></i>
              </a>';
--- a/equipments_mass_update.php
+++ b/equipments_mass_update.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -12,14 +12,14 @@ include_once './settings/settings_redirector.php';

 $page = 'equipments_mass_update';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
@@ -188,12 +188,12 @@ $view .= '<form action="" method="post" id="mass_update_form">


 //BUID UP DROPDOWNS
-$partner = json_decode($_SESSION['partnerhierarchy'],true);
+$partner = json_decode($_SESSION['authorization']['partnerhierarchy'],true);

-$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner['salesid'],'yes');
-$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],'','yes');
-$shipto_dropdown = listPartner('shipto',$_SESSION['permission'],'','');
-$location_dropdown = listPartner('location',$_SESSION['permission'],'','');
+$salesid_dropdown = listPartner('salesid',$_SESSION['authorization']['permission'],$partner['salesid'],'yes');
+$soldto_dropdown = listPartner('soldto',$_SESSION['authorization']['permission'],'','yes');
+$shipto_dropdown = listPartner('shipto',$_SESSION['authorization']['permission'],'','');
+$location_dropdown = listPartner('location',$_SESSION['authorization']['permission'],'','');

 $view .='<div class="content-block">
            <div class="block-header">
@@ -202,7 +202,7 @@ $view .='<div class="content-block">
            <div class="form responsive-width-100" style="display: grid; grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); gap: 20px;">';

 // SHOW SALESID and SOLDTO ONLY TO ADMIN
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .='<div>
                    <label for="salesid">'.$general_salesid.'</label>
                    '.$salesid_dropdown.'
@@ -227,7 +227,7 @@ $view .='    <div>
            <div>
                <label for="status">'.$equipment_label3.'</label>
                <select id="status" name="status" required>';
-                        if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+                        if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
                                                $view .= '<option value="0">'.$status0_text .'</option>
                                                        <option value="1">'.$status1_text .'</option>
                                                        <option value="2">'.$status2_text .'</option>';
--- a/factuur.php
+++ b/factuur.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']) {
+if (debug && debug_id == $_SESSION['authorization']['id']) {
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -11,7 +11,7 @@ include_once './assets/functions.php';
 include_once './settings/settings_redirector.php';

 // Check if allowed
-if (isAllowed('order', $_SESSION['profile'], $_SESSION['permission'], 'R') === 0) {
+if (isAllowed('order', $_SESSION['authorization']['profile'], $_SESSION['authorization']['permission'], 'R') === 0) {
    header('location: index.php');
    exit;
 }
--- a/firmwaretool.php
+++ b/firmwaretool.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
  ini_set('display_errors', '1');
  ini_set('display_startup_errors', '1');
  error_reporting(E_ALL);  
@@ -9,11 +9,11 @@ if (debug && debug_id == $_SESSION['id']){

 $page = 'firmwaretool';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
-$bearertoken = createCommunicationToken($_SESSION['userkey']);
+$bearertoken = createCommunicationToken($_SESSION['authorization']['userkey']);


 template_header('Firmwaretool', 'firmwaretool','view');
@@ -33,7 +33,7 @@ if (isset($_GET['equipmentID'])){$returnpage = 'equipment&equipmentID='.$_GET['e


 //SHOW BACK BUTTON ONLY FOR PORTAL USERS
-if (isAllowed('dashboard',$_SESSION['profile'],$_SESSION['permission'],'R') != 0){
+if (isAllowed('dashboard',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') != 0){
  $view .= '
      <div class="title-actions">
          <a href="index.php?page='.$returnpage.'" class="btn alt mar-right-2">←</a>
--- a/histories.php
+++ b/histories.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];
 $page = $_SESSION['origin'] = 'histories';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/history.php
+++ b/history.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -13,15 +13,15 @@ include_once './settings/settings_redirector.php';
 //Check if allowed
 $page = 'history';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'history_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/history_manage.php
+++ b/history_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'history_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $history = [
@@ -19,7 +19,7 @@ $history = [
    'type' => '',
    'description' => '',
    'created' => $date,
-    'createdby' => $_SESSION['username']
+    'createdby' => $_SESSION['authorization']['clientID']
 ];

 //defaults
--- a/index.php
+++ b/index.php
@@ -9,11 +9,6 @@ if (session_status() == PHP_SESSION_NONE) {
 //=====================================

 include dirname(__FILE__).'/settings/config_redirector.php';
-if (debug && debug_id == $_SESSION['id']){
-    ini_set('display_errors', '1');
-    ini_set('display_startup_errors', '1');
-    error_reporting(E_ALL);  
-}

 if (debug){
    set_error_handler(function($errno, $errstr, $errfile, $errline) {
@@ -31,6 +26,29 @@ include dirname(__FILE__).'/assets/functions.php';
 include dirname(__FILE__).'/settings/settings_redirector.php';
 include_once dirname(__FILE__).'/settings/countries.php';

+//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+//GET USER PERMISSION ASSIGNED
+//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+if (!isset($_SESSION['authorization']['id'])){
+
+    $api_url = '/v2/user_permissions/userkey='.$_SESSION['authorization']['userkey'];
+    $responses = ioServer($api_url,'');
+    //Decode Payload
+    if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
+    
+    //STORE DATA IN SESSION
+    foreach($responses as $key => $value){
+        $_SESSION['authorization'][$key] = $value;
+    }
+}
+
+if (debug && debug_id == $_SESSION['authorization']['id']){
+    ini_set('display_errors', '1');
+    ini_set('display_startup_errors', '1');
+    error_reporting(E_ALL);  
+}
+
+var_dump($_SESSION['authorization']);
 //=====================================
 //TRANSLATION FILE LOCATION
 //=====================================
@@ -92,7 +110,7 @@ if (isset($_GET['page']) && $_GET['page'] == 'logout') {
 //=====================================
 //DEFINE WHERE TO SEND THE USER TO. GET first assigned view in the profile if not available use dashboard
 //=====================================
-$allowed_views = explode(',',$_SESSION['profile']);
+$allowed_views = explode(',',$_SESSION['authorization']['profile']);
 $ignoreViews = ['profile','assets','sales'];

 // If dashboard is in the profile, prioritize it
@@ -117,7 +135,7 @@ include $page . '.php';
 //=====================================

 if (debug){
-    $message = $date.';'.json_encode($_GET).';'.$_SESSION['username'];
+    $message = $date.';'.json_encode($_GET).';'.$_SESSION['authorization']['clientID'];
    debuglog($message);
 }

--- a/language.php
+++ b/language.php
@@ -2,7 +2,7 @@
 defined(page_security_key) or exit;

 //Check if allowed
-if (isAllowed('language',$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed('language',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/licenses.php
+++ b/licenses.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'licenses';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'licenses';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Handle license status update
 if ($update_allowed === 1 && isset($_POST['submit'])) {
--- a/logfile.php
+++ b/logfile.php
@@ -2,7 +2,7 @@
 defined(page_security_key) or exit;

 //Check if allowed
-if (isAllowed('logfile',$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed('logfile',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/login.php
+++ b/login.php
@@ -15,30 +15,26 @@ if (session_status() == PHP_SESSION_NONE) {
 //=========================================
 //GET Language
 //=========================================
-if (isset($_GET['language']) && $_GET['language'] !=''){
-  //INCLUDE LANGUAGE FILE
-  $api_file_language = './settings/translations/translations_'.strtoupper($_GET['language']).'.php';
-  if (file_exists($api_file_language)){   
-      include $api_file_language; //Include the code
-      //DEFINE LANGUAGE
-      $_SESSION['country_code'] = trim($_GET['language']);
-  }
-  else {
-      include './settings/translations/translations_US.php';
-      //DEFINE LANGUAGE
-      $_SESSION['country_code'] = 'US';
-  }
+// Check for GET parameter override first
+if (isset($_GET['language']) && $_GET['language'] != ''){
+  $lang = strtoupper(trim($_GET['language']));
+  $lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
+  $_SESSION['country_code'] = $lang;
+}
+// Check for existing session language
+elseif (isset($_SESSION['country_code'])){
+  $lang = strtoupper($_SESSION['country_code']);
+  $lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
+}
+// Default to browser language
+else {
+  $lang = strtoupper(substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2));
+  $lang = in_array($lang, $supportedLanguages) ? $lang : 'US';
 }

-if(isset($_SESSION['country_code'])){
-  $api_file_language = './settings/translations/translations_'.strtoupper($_SESSION['country_code']).'.php';
-  if (file_exists($api_file_language)){   
-      include $api_file_language; //Include the code
-  }
-  else {
-      include './settings/translations/translations_US.php';
-  }
-} 
+//INCLUDE THE TRANSLATION
+include_once './settings/translations/translations_'.$lang.'.php';
+include_once './settings/countries.php'; 
 //=========================================
 //GET DOMAIN FOR CORRECT STYLING AND SETTINGS
 //=========================================
@@ -77,12 +73,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  // Validate credentials
  if (empty($username_err) && empty($password_err) && $retry < 3) {
    $data = json_encode(array("username" => $username, "password" => $password), JSON_UNESCAPED_UNICODE);
-    //Secure data
-    $payload = generate_payload($data);
    //API call
-    $responses = ioServer('/v1/authorization', $payload);
+    $responses = ioServer('/v2/authorization', $data);
+
    //Decode Payload
-    if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}   
+    if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = '400';}   
      
      if ($responses === 'NOK'){
          $retry++;
@@ -93,21 +88,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Start a new session
        session_start();
      
-        // Store data in sessions
+        // Store data in session
        $_SESSION['loggedin'] = true;
-        $_SESSION['id'] = $responses->id;
-        $_SESSION['username'] = $responses->username;
-        $_SESSION['email'] = $responses->email;
-        $_SESSION['salesID'] = $responses->salesID;
-        $_SESSION['partnerhierarchy'] = $responses->partnerhierarchy; //clean;
-        $_SESSION['permission'] = $responses->permission;
-        $_SESSION['profile_name'] = $responses->profile_name;
-        $_SESSION['profile'] = $responses->profile;
-        $_SESSION['userkey'] = $responses->userkey;
-        $_SESSION['language'] = $responses->language;
-        $_SESSION['token'] = $responses->token;
-
-        $language_user = trim($responses->language) ?? 'US';
+        $_SESSION['authorization'] = $responses;
+     
+        $language_user = trim($_SESSION['authorization']['language']) ?? 'US';
        if($responses->profile == 'firmwaretool,products_software,application'){
          header('location: index.php?page=firmwaretool');
          exit();
--- a/logout.php
+++ b/logout.php
@@ -5,7 +5,7 @@
 	$_SESSION  = array();

 	// Destroy all session related to user
-	$_SESSION['profile'] = '';
+	$_SESSION['authorization']['profile'] = '';
 	session_unset(); 
 	session_destroy();

--- a/maintenance.php
+++ b/maintenance.php
@@ -3,19 +3,19 @@ defined(page_security_key) or exit;

 $page = 'maintenance';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 if ($update_allowed === 1){
    if (isset($_POST['geoupdate'])){
        //GEOLOCATION UPDATE 
-        geolocationUpdate($_SESSION['userkey']); 
+        geolocationUpdate($_SESSION['authorization']['userkey']); 
    }
    
    if (isset($_POST['closeContract'])){
@@ -29,19 +29,19 @@ if ($update_allowed === 1){
    if (isset($_POST['updateproductmeusurements'])){
        $total_measurement = traintotalMeasurement();
        $total_results = statisticalAnalyses($total_measurement);
-        storeMeasurementProduct($total_results, $_SESSION['userkey']);
+        storeMeasurementProduct($total_results, $_SESSION['authorization']['userkey']);
    }
    if (isset($_POST['updateequipmentmeusurements'])){
        storeMeasurementEquipment('');
    }
    if (isset($_POST['generatefile'])){
-        generateLanguageFile($_POST['language'],$_SESSION['userkey']);
+        generateLanguageFile($_POST['language'],$_SESSION['authorization']['userkey']);
    }  
    if (isset($_POST['generateDealerInformation'])){
-        generateDealerInformation($_SESSION['userkey']);
+        generateDealerInformation($_SESSION['authorization']['userkey']);
    }
    if (isset($_POST['generateCountriesFile'])){
-        generateCountriesFile($_SESSION['userkey']);
+        generateCountriesFile($_SESSION['authorization']['userkey']);
    }
 }

--- a/marketing.php
+++ b/marketing.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -12,15 +12,15 @@ include_once './settings/settings_redirector.php';

 $page = 'marketing';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }

 //PAGE Security
-$update_allowed = isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS:
 $current_folder = $_GET['folder'] ?? '';
@@ -121,7 +121,7 @@ if (isset($_GET['action'])) {
                
                $additionalData = $_POST; // Include any additional POST data
                
-                $token = createCommunicationToken($_SESSION['userkey']);
+                $token = createCommunicationToken($_SESSION['authorization']['userkey']);
                
                $response = ioAPIv2_FileUpload('/v2/marketing_upload/', $fileData, $additionalData, $token);
                
--- a/media.php
+++ b/media.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -11,14 +11,14 @@ include_once './settings/settings_redirector.php';

 $page = 'media';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 //GET PARAMETERS
@@ -98,7 +98,7 @@ $view = '
    </div>
    <div class="title-actions">';
        
-if ($create_allowed === 1 && isAllowed('media_scanner' ,$_SESSION['profile'],$_SESSION['permission'],'C') === 1){
+if ($create_allowed === 1 && isAllowed('media_scanner' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C') === 1){
    $view .= '<a href="index.php?page=media_scanner" class="btn">📷</a>';
 }

--- a/media_manage.php
+++ b/media_manage.php
@@ -3,16 +3,16 @@ defined(page_security_key) or exit;

 $page = 'media_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }


 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $media = [
--- a/media_scanner.php
+++ b/media_scanner.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'media_scanner';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Check if domain is passed in URL
 $autoFetchDomain = isset($_GET['domain']) ? $_GET['domain'] : '';
--- a/order.php
+++ b/order.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -17,7 +17,7 @@ $page = 'order';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -27,10 +27,10 @@ $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;

 //PAGE Security
 $page_manage = 'order_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $_GET['list'] = 'order';
--- a/orders.php
+++ b/orders.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'orders';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'order';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/partner.php
+++ b/partner.php
@@ -6,14 +6,14 @@ $_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];
 $page = $_SESSION['origin'] ='partner';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $partner = [
@@ -138,7 +138,7 @@ $view .= '<div class="content-block tab-content active">
                <label for="partnertype">'.$partner_partnertype.'</label>
                <select id="partnertype" name="partnertype" required>
                ';
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4 ){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4 ){
 $view .= '          <option value="'.$partnertype1.'" '.($partner['partnertype']== $partnertype1?' selected':'').'>'.$partnertype1.'</option>
                    <option value="'.$partnertype2.'" '.($partner['partnertype']== $partnertype2?' selected':'').'>'.$partnertype2.'</option>';
 }
@@ -159,10 +159,10 @@ $view .= '</div>
        </div>';

 //GET PARTNERDATA
-$partner_data = json_decode($partner['salesID'])?? json_decode($_SESSION['partnerhierarchy']) ;
+$partner_data = json_decode($partner['salesID'])?? json_decode($_SESSION['authorization']['partnerhierarchy']) ;
 //BUID UP DROPDOWNS
-$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner_data->salesid,'');
-$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$partner_data->soldto,'');
+$salesid_dropdown = listPartner('salesid',$_SESSION['authorization']['permission'],$partner_data->salesid,'');
+$soldto_dropdown = listPartner('soldto',$_SESSION['authorization']['permission'],$partner_data->soldto,'');

 //DISPLAY
 $view .= '<div class="tabs">
@@ -171,7 +171,7 @@ $view .= '<div class="tabs">
 $view .= '<div class="content-block tab-content">
            <div class="form responsive-width-100">
 ';
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<label for="status">'.$general_salesid.'</label>';
    $view .= $salesid_dropdown;   
 }
--- a/partners.php
+++ b/partners.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -12,14 +12,14 @@ include_once './settings/settings_redirector.php';

 $page = 'partners';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 //GET PARAMETERS
--- a/pricelists.php
+++ b/pricelists.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'pricelists';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'pricelists_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/pricelists_manage.php
+++ b/pricelists_manage.php
@@ -3,16 +3,16 @@ defined(page_security_key) or exit;

 $page = 'pricelists_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }


 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $pricelists = [
--- a/product.php
+++ b/product.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -17,7 +17,7 @@ $page = 'product';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -27,12 +27,12 @@ $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;

 //PAGE Security
 $page_manage = 'product_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
-$media_update = isAllowed('products_media' ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$software_update = isAllowed('products_software_assignment' ,$_SESSION['profile'],$_SESSION['permission'],'U');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');
+$media_update = isAllowed('products_media' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$software_update = isAllowed('products_software_assignment' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
--- a/product_manage.php
+++ b/product_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'product_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //
 if ($_GET['id'] !=''){
@@ -30,13 +30,13 @@ $product = [
    'url_slug' => '',
    'full_path' =>'',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'parttype' => 1,
    'price' => '0',
    'salesflag' => 0,
    'quantity' => 1,
    'updated' => '',
-    'updatedby' => $_SESSION['username'],
+    'updatedby' => $_SESSION['authorization']['clientID'],
    'product_category' => '',
    'status' => 1,
    'build' => 1,
--- a/products.php
+++ b/products.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'products';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'product_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/products_attributes.php
+++ b/products_attributes.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'products_attributes';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'products_attributes_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/products_attributes_manage.php
+++ b/products_attributes_manage.php
@@ -3,16 +3,16 @@ defined(page_security_key) or exit;

 $page = 'products_attributes_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //

 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $products_attributes = [
--- a/products_configurations.php
+++ b/products_configurations.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'products_configurations';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $products_configurations = [
@@ -20,7 +20,7 @@ $products_configurations = [
    'version' => '',
    'assignment' => '',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
    'updatedby' => ''
 ];
--- a/products_software.php
+++ b/products_software.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'products_software';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $products_software = [
@@ -21,7 +21,7 @@ $products_software = [
    'hw_version' => '',
    'software' => '',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'mandatory' => '',
    'latest' => ''
 ];
--- a/products_software_assignments.php
+++ b/products_software_assignments.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'products_software_assignments';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Get product details
 $productrowid = $_GET['productrowid'] ?? '';
--- a/products_software_upgrade_paths_manage.php
+++ b/products_software_upgrade_paths_manage.php
@@ -6,14 +6,14 @@ if (!isset($button_cancel)) $button_cancel = 'Cancel';

 $page = 'products_software_upgrade_paths_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Determine redirect URL
 if (isset($_GET['id'])) {
@@ -32,9 +32,9 @@ $path = [
    'description' => '',
    'is_active' => 1,
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
-    'updatedby' => $_SESSION['username']
+    'updatedby' => $_SESSION['authorization']['clientID']
 ];

 // Check if coming from version page (id parameter) or editing existing path
--- a/products_software_version.php
+++ b/products_software_version.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -20,7 +20,7 @@ $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt
 if (!isset($button_cancel)) $button_cancel = 'Cancel';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -30,10 +30,10 @@ $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;

 //PAGE Security
 $page_manage = 'products_software_version_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
--- a/products_software_version_manage.php
+++ b/products_software_version_manage.php
@@ -6,14 +6,14 @@ if (!isset($button_cancel)) $button_cancel = 'Cancel';

 $page = 'products_software_version_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //
 if (isset($_GET['id']) &&  $_GET['id']!=''){
@@ -34,9 +34,9 @@ $version = [
    'file_path' => '',
    'status' => 1,
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
-    'updatedby' => $_SESSION['username']
+    'updatedby' => $_SESSION['authorization']['clientID']
 ];

 // If editing, fetch existing data
--- a/products_software_versions.php
+++ b/products_software_versions.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -25,15 +25,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'products_software_versions';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'products_software_version_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/products_versions.php
+++ b/products_versions.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'products_versions';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $products_versions = [
@@ -20,7 +20,7 @@ $products_versions = [
    'version' => '',
    'config' => '',
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'measurement' => '',
 ];

--- a/profile.php
+++ b/profile.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'profile';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $user = [
@@ -29,7 +29,7 @@ $user = [

 // ID param exists, edit an existing product
 //CALL TO API
-$api_url = '/v1/profile/userkey='.$_SESSION['userkey'];
+$api_url = '/v1/profile/userkey='.$_SESSION['authorization']['userkey'];
 $responses = ioServer($api_url,'');
 //Decode Payload
 if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = null;}
@@ -75,7 +75,7 @@ if ($update_allowed === 1){
 //------------------------------------
 //CHECK IF USER IS ALSO CREATOR OF RECORD THEN OVERRIDE UPDATE_ALLOWED_EDIT
 //------------------------------------
-$update_allowed = (($user['username'] == $_SESSION['username'])? 1 : 0);
+$update_allowed = (($user['username'] == $_SESSION['authorization']['clientID'])? 1 : 0);
    
 template_header('Profile', 'profile', 'manage');

@@ -85,7 +85,7 @@ $view ='
        <h2 class="responsive-width-100">'.$user_h2.'</h2>
        <a href="index.php?page=dasboard" class="btn alt mar-right-2">←</a>
 ';
-if ($update_allowed === 1 && $_SESSION['permission'] != 0){
+if ($update_allowed === 1 && $_SESSION['authorization']['permission'] != 0){
    $view .= '<input type="submit" name="submit" value="💾" class="btn">';
 }
   
@@ -108,7 +108,7 @@ $view .= '<div class="content-block tab-content active">
                <input type="text" name="" placeholder="" value="'.${'permission'.$user['view']}.'" readonly>
                <label for="profile">'.$User_profile.'</label>
                <input type="text" name="" placeholder="" value="'.$user['settings'].'" readonly>
-                <textarea id="" name="assigned_profile" placeholder="">'.$_SESSION['profile'].'</textarea>
+                <textarea id="" name="assigned_profile" placeholder="">'.$_SESSION['authorization']['profile'].'</textarea>
                <label for="service">'.$User_service.'</label>
                <input type="text" name="" placeholder="" value="'.(($user['service']!='') ? $enabled : $disabled ).'" readonly>
                <label for="service">'.$User_language.'</label>
@@ -120,7 +120,7 @@ $view .= '<div class="content-block tab-content active">
 $view .='       </select>
                <input type="hidden" name="id" value="'.$user['id'].'">
        ';
-    if ($update_allowed === 1 && $_SESSION['permission'] != 0){
+    if ($update_allowed === 1 && $_SESSION['authorization']['permission'] != 0){
        $view .= '<label for="service">'.$User_pw_reset .'</label>
                 <input type="submit" name="reset" value="Reset" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to reset this user password?\')"> 
                ';
--- a/profiles.php
+++ b/profiles.php
@@ -12,7 +12,7 @@ include dirname(__FILE__).'/settings/settingsviews.php';

 $page = 'profiles';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/register.php
+++ b/register.php
@@ -32,12 +32,10 @@ if (isset($_POST['register'])){
  $register = $_POST;
  //GET USERKEY
  $data = json_encode(array("username" => interface_user, "password" => interface_pw), JSON_UNESCAPED_UNICODE);
-  //Secure data
-  $payload = generate_payload($data);
  //API call
-  $responses = ioServer('/v1/authorization', $payload);
+  $responses = ioServer('/v2/authorization', $data);
  //Decode Payload
-  if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}
+  if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = '400';}
  
  if ($responses === 'NOK' || $responses === '400'){
    //Not allowed
@@ -47,7 +45,7 @@ if (isset($_POST['register'])){
    // Start a new session
    session_start();    
    // Store data in session
-    $_SESSION['userkey'] = $responses->userkey;
+    $_SESSION['authorization']['userkey'] = $responses['userkey'];
    // GET ALL POST DATA
    $data = json_encode($register, JSON_UNESCAPED_UNICODE);
    // Secure data
--- a/report_build.php
+++ b/report_build.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];

 $page = 'report_build';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/report_builder.php
+++ b/report_builder.php
@@ -6,13 +6,13 @@ $_SESSION['prev_origin'] = $_SERVER['REQUEST_URI'];
 $page = $_SESSION['origin'] = 'report_builder';

 //Check if allowed
-if (isAllowed($page, $_SESSION['profile'], $_SESSION['permission'], 'R') === 0) {
+if (isAllowed($page, $_SESSION['authorization']['profile'], $_SESSION['authorization']['permission'], 'R') === 0) {
    header('location: index.php');
    exit;
 }

 // Create bearer token for API calls
-$bearertoken = createCommunicationToken($_SESSION['userkey']);
+$bearertoken = createCommunicationToken($_SESSION['authorization']['userkey']);

 // Include settings for baseurl
 include './settings/settings_redirector.php';
--- a/report_contracts_billing.php
+++ b/report_contracts_billing.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -18,7 +18,7 @@ $prev_page = ($_SESSION['origin'] == 'equipments') ? $_SESSION['prev_origin_equi
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/report_healthindex.php
+++ b/report_healthindex.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -17,7 +17,7 @@ $page = $_SESSION['origin'] = 'report_healthindex';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -135,7 +135,7 @@ $view .= '
        ';

 //SHOW DOWNLOAD TO EXCELL OPTION ONLY TO ADMIN USERS
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .='<div class="filters">
                <a href="index.php?page=report_healthindex&download="><i class="fa-solid fa-download"></i></a>        
            </div>';
--- a/report_usage.php
+++ b/report_usage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -12,7 +12,7 @@ include_once './settings/settings_redirector.php';

 $page = 'report_usage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/reset.php
+++ b/reset.php
@@ -62,12 +62,10 @@ if ($_POST['submit'] === 'Reset' && $_POST['username'] !='EMP-updater') {
  // Validate credentials
  if (empty($username_err)){
    $data = json_encode(array("username" => $username, "resetkey" => ''), JSON_UNESCAPED_UNICODE);
-    //Secure data
-    $payload = generate_payload($data);
    //API call
-    $responses = ioServer('/v1/authorization', $payload);
+    $responses = ioServer('/v2/authorization', $data);
    //Decode Payload
-    if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}   
+    if (!empty($responses)){$responses = json_decode($responses);}else{$responses = '400';}   
    
      if ($responses === 'NOK'){
          $username_err = $password_err_1 ?? 'Not authorized, please retry';
@@ -107,11 +105,9 @@ if (isset($_POST['resetkey']) && $_POST['resetkey'] !='' && $_POST['password_upd
          else {
            //UPDATE PASSWORD
            $data = json_encode(array("password" => $password, "resetkey" => $resetkey), JSON_UNESCAPED_UNICODE);
-            //Secure data
-            $payload = generate_payload($data);
            //API call
-            $responses = ioServer('/v1/authorization', $payload);
-            if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}   
+            $responses = ioServer('/v2/authorization', $data);
+            if (!empty($responses)){$responses = json_decode($responses);}else{$responses = '400';}   
      
                if ($responses === 'NOK'){
                    $username_err = $password_err_1 ?? 'Not authorized, please retry';
--- a/rma.php
+++ b/rma.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -13,17 +13,17 @@ include_once './settings/systemrma.php';

 $page = 'rma';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

-$view_product =  isAllowed('product' ,$_SESSION['profile'],$_SESSION['permission'],'R');
-$view_history =  isAllowed('history' ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$view_product =  isAllowed('product' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');
+$view_history =  isAllowed('history' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $rowID = $_GET['rowID'] ?? '';

--- a/rma_manage.php
+++ b/rma_manage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -13,17 +13,17 @@ include_once './settings/systemrma.php';

 $page = 'rma_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

-$view_product =  isAllowed('product' ,$_SESSION['profile'],$_SESSION['permission'],'R');
-$view_history =  isAllowed('history' ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$view_product =  isAllowed('product' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R');
+$view_history =  isAllowed('history' ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $rowID = $_GET['rowID'] ?? '';

--- a/rmas.php
+++ b/rmas.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -11,14 +11,14 @@ include_once './settings/settings_redirector.php';

 $page = 'rmas';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 //GET PARAMETERS
@@ -113,7 +113,7 @@ $view .= '
                <a class="btn alt" href="index.php?page=rmas">'.$general_filters_clear.'</a>';
                
 //SHOW DOWNLOAD TO EXCELL OPTION ONLY TO ADMIN USERS
-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<a class="btn alt" href="index.php?page=rmas&download=">
                <i class="fa-solid fa-download"></i> Download
              </a>';
--- a/servicereport.php
+++ b/servicereport.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -19,7 +19,7 @@ $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt


 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/servicereports.php
+++ b/servicereports.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -19,7 +19,7 @@ $page = $_SESSION['origin'] = 'servicereports';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/settings.php
+++ b/settings.php
@@ -8,7 +8,7 @@ $domain = getDomainName($_SERVER['SERVER_NAME']);
 $file = ((file_exists(dirname(__FILE__).'/custom/'.$domain.'/settings/'.$domain.'_config.php')) ? dirname(__FILE__).'/custom/'.$domain.'/settings/'.$domain.'_config.php' : dirname(__FILE__).'/settings/config.php');

 //Check if allowed
-if (isAllowed('settings',$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed('settings',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
@@ -101,7 +101,7 @@ if (isset($_POST['submit']) && !empty($_POST)) {

 if (isset($_POST['geoupdate'])){
    //GEOLOCATION UPDATE 
-    geolocationUpdate($_SESSION['userkey']); 
+    geolocationUpdate($_SESSION['authorization']['userkey']); 
 }

 if (isset($_POST['updatecartest'])){
--- a/settings/settingsmenu.php
+++ b/settings/settingsmenu.php
@@ -353,7 +353,7 @@ $page_rows_folders = 25; //marketing folders
 //------------------------------------------
 // Languages supported
 //------------------------------------------
-$supportedLanguages = ['US', 'NL', 'DE', 'ES','PT']; 
+$supportedLanguages = ['US', 'NL', 'DE', 'ES','PL','PT']; 

 //------------------------------------------
 // Pricing
--- a/settings/settingsprofiles.php
+++ b/settings/settingsprofiles.php
@@ -1,27 +1,27 @@
 <?php
 /*Standard*/
-define('standard_profile','dashboard,profile,application,firmwaretool,histories,history,servicereport,servicereports,equipment,equipments,products_software');
+define('standard_profile','application,firmwaretool,histories,history,servicereport,servicereports,dashboard,profile,equipment,equipments,products_software');
 /*Superuser*/
-define('superuser_profile','admin,dashboard,profile,application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,equipment,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_versions,user,user_manage,users');
+define('superuser_profile','application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_versions,user,user_manage,users');
 /*Admin*/
-define('admin_profile','account,accounts,admin,dashboard,profile,application,assets,buildtool,buildtool,cartest,cartest_manage,cartests,changelog,communication,communication_send,communications,firmwaretool,histories,history,history_manage,marketing,partner,partners,sales,servicereport,servicereports,software_available,software_download,software_update,softwaretool,contract,contract_manage,contracts,equipment,equipment_data,equipment_healthindex,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_software_assignment,products_software_assignments,products_software_assignments,products_versions,report_build,report_contracts_billing,report_healthindex,reporting,rma,rma_history,rma_history_manage,rma_manage,rmas,user,user_manage,users');
+define('admin_profile','application,assets,buildtool,buildtool,cartest,cartest_manage,cartests,changelog,communication,communication_send,communications,firmwaretool,histories,history,history_manage,marketing,partner,partners,sales,servicereport,servicereports,software_available,software_download,software_update,softwaretool,account,accounts,admin,dashboard,profile,contract,contract_manage,contracts,equipment,equipment_data,equipment_healthindex,equipment_history,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_software_assignment,products_software_assignments,products_software_assignments,products_software_licenses,products_versions,report_build,report_contracts_billing,report_healthindex,reporting,rma,rma_history,rma_history_manage,rma_manage,rmas,user,user_manage,users');
 /*AdminPlus*/
-define('adminplus_profile','account,account_manage,accounts,admin,config,dashboard,profile,settings,api,application,appointment,assets,billing,buildtool,buildtool,cartest,cartest_manage,cartests,catalog,categories,category,changelog,checkout,com_log,communication,communication_send,communications,cronjob,debug,dev,discount,discounts,factuur,firmwaretool,functions,generate_download_token,histories,history,history_manage,identity,identity_dealers,initialize,invoice,language,licenses,logfile,mailer,maintenance,marketing,marketing_delete,marketing_files,marketing_folders,marketing_migrate,marketing_tags,marketing_update,marketing_upload,media,media_manage,media_scanner,media_upload,order,orders,partner,partners,payment,placeorder,pricelists,pricelists_items,pricelists_manage,profiles,register,render_service_report,reset,sales,security,service,servicereport,servicereports,shipping,shipping_manage,shopping_cart,software_available,software_download,software_update,softwaretool,tax,taxes,test,transactions,transactions_items,translation_manage,translations,translations_details,unscribe,upgrades,uploader,vin,webhook_mollie,webhook_paypal,contract,contract_manage,contracts,dealer,dealer_manage,dealers,dealers_media,equipment,equipment_data,equipment_healthindex,equipment_history,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_attributes,products_attributes_items,products_attributes_manage,products_categories,products_configurations,products_media,products_software,products_software_assignment,products_software_assignments,products_software_assignments,products_software_licenses,products_software_upgrade_paths,products_software_upgrade_paths_manage,products_software_version,products_software_version_access_rules_manage,products_software_version_manage,products_software_versions,products_versions,report_build,report_contracts_billing,report_healthindex,report_usage,reporting,rma,rma_history,rma_history_manage,rma_manage,rmas,user,user_credentials,user_manage,users');
+define('adminplus_profile','access_element,access_element_manage,access_elements,api,application,appointment,assets,billing,buildtool,buildtool,cartest,cartest_manage,cartests,catalog,categories,category,changelog,checkout,com_log,communication,communication_send,communications,cronjob,debug,dev,discount,discounts,factuur,firmwaretool,functions,generate_download_token,histories,history,history_manage,identity,identity_dealers,initialize,invoice,language,licenses,logfile,mailer,maintenance,marketing,marketing_delete,marketing_files,marketing_folders,marketing_migrate,marketing_tags,marketing_update,marketing_upload,media,media_manage,media_scanner,media_upload,order,orders,partner,partners,payment,placeorder,pricelists,pricelists_items,pricelists_manage,profiles,register,render_service_report,reset,role_access_permissions,sales,security,service,servicereport,servicereports,shipping,shipping_manage,shopping_cart,software_available,software_download,software_update,softwaretool,tax,taxes,test,transactions,transactions_items,translation_manage,translations,translations_details,unscribe,upgrades,uploader,vin,webhook_mollie,webhook_paypal,account,account_manage,accounts,admin,config,dashboard,profile,settings,contract,contract_manage,contracts,dealer,dealer_manage,dealers,dealers_media,equipment,equipment_data,equipment_healthindex,equipment_history,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_attributes,products_attributes_items,products_attributes_manage,products_categories,products_configurations,products_media,products_software,products_software_assignment,products_software_assignments,products_software_assignments,products_software_licenses,products_software_upgrade_paths,products_software_upgrade_paths_manage,products_software_version,products_software_version_access_rules_manage,products_software_version_manage,products_software_versions,products_versions,report_build,report_builder,report_contracts_billing,report_healthindex,report_usage,reporting,rma,rma_history,rma_history_manage,rma_manage,rmas,user,user_credentials,user_manage,user_role,user_role_assignments,user_role_manage,user_roles,users');
 /*Build*/
-define('build','dashboard,profile,application,buildtool,buildtool,firmwaretool,products_software');
+define('build','application,buildtool,buildtool,firmwaretool,dashboard,profile,products_software');
 /*Commerce*/
-define('commerce','admin,dashboard,profile,application,catalog,categories,category,checkout,discount,discounts,identity,invoice,media,media_manage,order,orders,partner,partners,placeorder,pricelists,pricelists_items,pricelists_manage,shipping,shipping_manage,shopping_cart,taxes,transactions,transactions_items,translation_manage,translations,translations_details,uploader,product,product_manage,products,products_attributes,products_attributes_items,products_attributes_manage,products_categories,products_configurations,products_media,products_software,products_versions,user,user_manage,users');
+define('commerce','application,catalog,categories,category,checkout,discount,discounts,identity,invoice,media,media_manage,order,orders,partner,partners,placeorder,pricelists,pricelists_items,pricelists_manage,shipping,shipping_manage,shopping_cart,taxes,transactions,transactions_items,translation_manage,translations,translations_details,uploader,admin,dashboard,profile,product,product_manage,products,products_attributes,products_attributes_items,products_attributes_manage,products_categories,products_configurations,products_media,products_software,products_versions,user,user_manage,users');
 /*Distribution*/
-define('distribution','admin,dashboard,profile,application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,equipment,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_versions,user,user_manage,users');
+define('distribution','application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,products_software,products_versions,user,user_manage,users');
 /*Firmware*/
 define('firmware','application,software_available,software_download,software_update,softwaretool,transactions,transactions_items,products_software_versions');
 /*Garage*/
-define('garage','dashboard,profile,application,cartest,cartest_manage,cartests,products_versions');
+define('garage','application,cartest,cartest_manage,cartests,dashboard,profile,products_versions');
 /*Interface*/
 define('interface','application,firmwaretool,invoice,payment,transactions,transactions_items,contract,contracts,equipment_manage,equipments,products_software,products_versions,users');
 /*Service*/
-define('service','admin,dashboard,profile,application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,equipment,equipment_manage,equipments,products_software,user,user_manage,users');
+define('service','application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipments,products_software,user,user_manage,users');
 /*Other*/
-define('other','admin,dashboard,profile,application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,equipment,equipment_manage,equipments,products_software');
+define('other','application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipments,products_software');

 ?>
--- a/settings/settingsviews.php
+++ b/settings/settingsviews.php
@@ -4,6 +4,9 @@
 // All individual views and APIs - Profile  ++++++++++++++
 // +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 $all_views = [
+    "access_element",
+    "access_element_manage",
+    "access_elements",
    "account",
    "account_manage",
    "accounts",
@@ -112,6 +115,7 @@ $all_views = [
    "register",
    "render_service_report",
    "report_build",
+    "report_builder",
    "report_contracts_billing",
    "report_healthindex",
    "report_usage",
@@ -122,6 +126,7 @@ $all_views = [
    "rma_history_manage",
    "rma_manage",
    "rmas",
+    "role_access_permissions",
    "sales",
    "security",
    "service",
@@ -149,6 +154,10 @@ $all_views = [
    "user",
    "user_credentials",
    "user_manage",
+    "user_role",
+    "user_role_assignments",
+    "user_role_manage",
+    "user_roles",
    "users",
    "vin",
    "webhook_mollie",
--- a/shipping.php
+++ b/shipping.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,7 +15,7 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'shipping';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
--- a/shipping_manage.php
+++ b/shipping_manage.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'shipping';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 $shipping = [
    'id' =>'',
--- a/softwaretool.php
+++ b/softwaretool.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
  ini_set('display_errors', '1');
  ini_set('display_startup_errors', '1');
  error_reporting(E_ALL);
@@ -9,11 +9,11 @@ if (debug && debug_id == $_SESSION['id']){

 $page = 'softwaretool';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
-$bearertoken = createCommunicationToken($_SESSION['userkey']);
+$bearertoken = createCommunicationToken($_SESSION['authorization']['userkey']);

 //+++++++++++++++++++++++++++++++++++++++++++++++++++++
 // PAYMENT RETURN DETECTION
@@ -201,7 +201,7 @@ if (isset($_GET['equipmentID'])){$returnpage = 'equipment&equipmentID='.$_GET['e


 //SHOW BACK BUTTON ONLY FOR PORTAL USERS
-if (isAllowed('dashboard',$_SESSION['profile'],$_SESSION['permission'],'R') != 0){
+if (isAllowed('dashboard',$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') != 0){
  $view .= '
      <div class="title-actions">
        <a href="index.php?page='.$returnpage.'" class="btn alt mar-right-2"><i class="fa-solid fa-arrow-left"></i></a>
--- a/translation_manage.php
+++ b/translation_manage.php
@@ -3,16 +3,16 @@ defined(page_security_key) or exit;

 $page = 'translation_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }


 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input product values
 $text_variable = [
@@ -66,8 +66,8 @@ if (isset($_GET['rowID'])) {
            if ($responses === 'NOK'){

            } else {
-                if ($_SESSION['permission'] == 4){
-                    generateLanguageFile($_POST['language_key'],$_SESSION['userkey']);
+                if ($_SESSION['authorization']['permission'] == 4){
+                    generateLanguageFile($_POST['language_key'],$_SESSION['authorization']['userkey']);
                }
                header('Location: index.php?page=translation_manage&rowID='.$_GET['rowID'].'');
            exit;
@@ -99,8 +99,8 @@ if (isset($_GET['rowID'])) {

            if ($NOK_error == 0){
                //NO errors generatelanguagefile
-                if ($_SESSION['permission'] == 4){
-                    generateLanguageFile($attr_language,$_SESSION['userkey']);
+                if ($_SESSION['authorization']['permission'] == 4){
+                    generateLanguageFile($attr_language,$_SESSION['authorization']['userkey']);
                }
            }

--- a/translations.php
+++ b/translations.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -15,15 +15,15 @@ $prev_page = $_SESSION['prev_origin'] ?? '';
 $page = $_SESSION['origin'] = 'translations';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'translation_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS
 $pagination_page = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/unscribe.php
+++ b/unscribe.php
@@ -10,12 +10,10 @@ if (isset($_GET['email'])){
  
  //GET USERKEY
  $data = json_encode(array("username" => interface_user, "password" => interface_pw), JSON_UNESCAPED_UNICODE);
-  //Secure data
-  $payload = generate_payload($data);
  //API call
-  $responses = ioServer('/v1/authorization', $payload);
+  $responses = ioServer('/v2/authorization', $data);
  //Decode Payload
-  if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = '400';}
+  if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = '400';}
  
  if ($responses === 'NOK' || $responses === '400'){
    //Not allowed
@@ -25,7 +23,7 @@ if (isset($_GET['email'])){
    // Start a new session
    session_start();    
    // Store data in session
-    $_SESSION['userkey'] = $responses->userkey;
+    $_SESSION['authorization']['userkey'] = $responses['userkey'];
    // GET ALL POST DATA
    $data = json_encode($unscribe, JSON_UNESCAPED_UNICODE);
    // Secure data
--- a/uploader.php
+++ b/uploader.php
@@ -3,14 +3,14 @@ defined(page_security_key) or exit;

 $page = 'uploader';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 if ($create_allowed === 1 && $_POST){
 
--- a/user.php
+++ b/user.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -14,16 +14,16 @@ include_once './settings/settings_redirector.php';
 $_SESSION['prev_origin_user'] = $_SERVER['REQUEST_URI'];
 $page = 'user';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'user_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $user_ID = $_GET['id'] ?? '';
@@ -344,10 +344,10 @@ $view .= '</span>
                                <option value="2"'.($user->view == 2 ? ' selected' : '').'>'.($permission2 ?? 'Edit').'</option>
                                <option value="1"'.($user->view == 1 ? ' selected' : '').'>'.($permission1 ?? 'View').'</option>';

-if ($_SESSION['permission'] == 3){
+if ($_SESSION['authorization']['permission'] == 3){
    $view .= '<option value="4"'.($user->view == 4 ? ' selected' : '').'>'.($permission4 ?? 'Super Admin').'</option>';
 }
-if ($_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 4){
    $view .= '<option value="4"'.($user->view == 4 ? ' selected' : '').'>'.($permission4 ?? 'Super Admin').'</option>
              <option value="5"'.($user->view == 5 ? ' selected' : '').'>'.($permission5 ?? 'System').'</option>';
 }
@@ -360,7 +360,7 @@ $view .= '              </select>
                        <td>
                            <span class="view-mode">'.($user->settings ?? '-').'</span>';

-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<select class="edit-mode" name="settings" style="display:none;">
                <option value="">-</option>';
    foreach ($all_profiles as $profile) {
@@ -388,7 +388,7 @@ $view .= '          </td>
        </div>';

 // Partner Hierarchy Block
-$partner_data = json_decode($user->partnerhierarchy) ?? json_decode($_SESSION['partnerhierarchy']);
+$partner_data = json_decode($user->partnerhierarchy) ?? json_decode($_SESSION['authorization']['partnerhierarchy']);

 $view .= '<div class="content-block">
            <div class="block-header">
@@ -397,9 +397,9 @@ $view .= '<div class="content-block">
            <div class="table order-table">
                <table>';

-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
-    $salesid_dropdown = listPartner('salesid', $_SESSION['permission'], $partner_data->salesid ?? '', '');
-    $soldto_dropdown = listPartner('soldto', $_SESSION['permission'], $partner_data->soldto ?? '', '');
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
+    $salesid_dropdown = listPartner('salesid', $_SESSION['authorization']['permission'], $partner_data->salesid ?? '', '');
+    $soldto_dropdown = listPartner('soldto', $_SESSION['authorization']['permission'], $partner_data->soldto ?? '', '');

    $view .= '<tr>
                <td style="width:25%;">'.($general_salesid ?? 'Sales ID').'</td>
@@ -417,8 +417,8 @@ if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
              </tr>';
 }

-$shipto_dropdown = listPartner('shipto', $_SESSION['permission'], $partner_data->shipto ?? '', '');
-$location_dropdown = listPartner('location', $_SESSION['permission'], $partner_data->location ?? '', '');
+$shipto_dropdown = listPartner('shipto', $_SESSION['authorization']['permission'], $partner_data->shipto ?? '', '');
+$location_dropdown = listPartner('location', $_SESSION['authorization']['permission'], $partner_data->location ?? '', '');

 $view .= '<tr>
            <td style="width:25%;">'.($general_shipto ?? 'Ship To').'</td>
@@ -466,7 +466,7 @@ $view .= '<div class="content-block">
                <td>
                    <span class="view-mode">'.$user->login_count.'</span>';

-if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
+if ($_SESSION['authorization']['permission'] == 3 || $_SESSION['authorization']['permission'] == 4){
    $view .= '<input type="number" class="edit-mode" name="login_count" value="'.$user->login_count.'" style="display:none; width: 80px;">';
 } else {
    $view .= '<input type="hidden" name="login_count" value="'.$user->login_count.'">';
--- a/user_role.php
+++ b/user_role.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -14,16 +14,16 @@ include_once './settings/settings_redirector.php';
 $_SESSION['prev_origin_user_role'] = $_SERVER['REQUEST_URI'];
 $page = 'user_role';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'user_role_manage';
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$update_allowed_edit = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET Details from URL
 $GET_VALUES = urlGETdetails($_GET) ?? '';
@@ -132,6 +132,7 @@ if (isset($_POST['save_permissions']) && $update_allowed_edit === 1) {
    exit;
 }

+
 //------------------------------
 //Variables
 //------------------------------
--- a/user_role_manage.php
+++ b/user_role_manage.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -12,14 +12,14 @@ include_once './settings/settings_redirector.php';

 $page = 'user_role_manage';
 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 // Default input values
 $role = [
@@ -28,7 +28,7 @@ $role = [
    'description' => '',
    'is_active' => 1,
    'created' => '',
-    'createdby' => $_SESSION['username'],
+    'createdby' => $_SESSION['authorization']['clientID'],
    'updated' => '',
    'updatedby' => ''
 ];
--- a/user_roles.php
+++ b/user_roles.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
@@ -17,15 +17,15 @@ $page = $_SESSION['origin'] = 'user_roles';
 $back_btn_orgin = ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
 $page_manage = 'user_role_manage';
-$update_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');

 //GET PARAMETERS && STORE in SESSION for FURTHER USE/NAVIGATION
 $pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;
--- a/users.php
+++ b/users.php
@@ -1,7 +1,7 @@
 <?php
 defined(page_security_key) or exit;

-if (debug && debug_id == $_SESSION['id']){
+if (debug && debug_id == $_SESSION['authorization']['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
@@ -18,14 +18,14 @@ $page = 'users';
 $back_btn_orgin =  ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">←</a>':'';

 //Check if allowed
-if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
+if (isAllowed($page,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'R') === 0){
    header('location: index.php');
    exit;
 }
 //PAGE Security
-$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
-$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
-$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
+$update_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'U');
+$delete_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'D');
+$create_allowed = isAllowed($page ,$_SESSION['authorization']['profile'],$_SESSION['authorization']['permission'],'C');


 //GET PARAMETERS