diff --git a/DotBased.ASP.Auth/AuthenticationService.cs b/DotBased.ASP.Auth/AuthenticationService.cs
new file mode 100644
index 0000000..9b4d3b2
--- /dev/null
+++ b/DotBased.ASP.Auth/AuthenticationService.cs
@@ -0,0 +1,13 @@
+namespace DotBased.ASP.Auth.Services;
+
+public class AuthenticationService
+{
+    public AuthenticationService()
+    {
+        /*
+         * - Login
+         * - Logout
+         * - Register
+         */
+    }
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/BasedAuthConfiguration.cs b/DotBased.ASP.Auth/BasedAuthConfiguration.cs
index befc359..a6871ba 100644
--- a/DotBased.ASP.Auth/BasedAuthConfiguration.cs
+++ b/DotBased.ASP.Auth/BasedAuthConfiguration.cs
@@ -47,4 +47,19 @@ public class BasedAuthConfiguration
     public void SetSessionStateProviderType<TSessionStateProviderType>()
         where TSessionStateProviderType : ISessionStateProvider =>
         SessionStateProviderType = typeof(TSessionStateProviderType);
+}
+
+public class BasedPasswordOptions
+{
+    
+}
+
+public class BasedUserOptions
+{
+    
+}
+
+public class BasedLockoutOptions
+{
+    
 }
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/BasedServerAuthenticationStateProvider.cs b/DotBased.ASP.Auth/BasedServerAuthenticationStateProvider.cs
index c2f7aea..0863561 100644
--- a/DotBased.ASP.Auth/BasedServerAuthenticationStateProvider.cs
+++ b/DotBased.ASP.Auth/BasedServerAuthenticationStateProvider.cs
@@ -1,5 +1,4 @@
 using System.Security.Claims;
-using DotBased.ASP.Auth.Services;
 using DotBased.Logging;
 using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.AspNetCore.Components.Server;
diff --git a/DotBased.ASP.Auth/DotBased.ASP.Auth.csproj b/DotBased.ASP.Auth/DotBased.ASP.Auth.csproj
index b977d41..e51c97a 100644
--- a/DotBased.ASP.Auth/DotBased.ASP.Auth.csproj
+++ b/DotBased.ASP.Auth/DotBased.ASP.Auth.csproj
@@ -13,4 +13,9 @@
     <ItemGroup>
         <FrameworkReference Include="Microsoft.AspNetCore.App" />
     </ItemGroup>
+
+    <ItemGroup>
+      <Folder Include="Models\Auth\States\" />
+      <Folder Include="Models\Repositories\" />
+    </ItemGroup>
 </Project>
diff --git a/DotBased.ASP.Auth/DotBasedAuthDependencyInjection.cs b/DotBased.ASP.Auth/DotBasedAuthDependencyInjection.cs
index 4e63f09..59fa9e0 100644
--- a/DotBased.ASP.Auth/DotBasedAuthDependencyInjection.cs
+++ b/DotBased.ASP.Auth/DotBasedAuthDependencyInjection.cs
@@ -18,7 +18,6 @@ public static class DotBasedAuthDependencyInjection
         var Configuration = new BasedAuthConfiguration();
         configurationAction?.Invoke(Configuration);
         
-        
         services.AddSingleton<BasedAuthConfiguration>(Configuration);
         if (Configuration.AuthDataRepositoryType == null)
             throw new ArgumentNullException(nameof(Configuration.AuthDataRepositoryType), $"No '{nameof(IAuthDataRepository)}' configured!");
diff --git a/DotBased.ASP.Auth/Models/Configuration/AuthConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/AuthConfiguration.cs
new file mode 100644
index 0000000..2bbf690
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/AuthConfiguration.cs
@@ -0,0 +1,11 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class AuthConfiguration
+{
+    public CacheConfiguration Cache { get; set; } = new();
+    public LockoutConfiguration Lockout { get; set; } = new();
+    public PasswordConfiguration Password { get; set; } = new();
+    public ProviderConfiguration Provider { get; set; } = new();
+    public RepositoryConfiguration Repository { get; set; } = new();
+    public UserConfiguration User { get; set; } = new();
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/CacheConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/CacheConfiguration.cs
new file mode 100644
index 0000000..8647941
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/CacheConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class CacheConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/LockoutConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/LockoutConfiguration.cs
new file mode 100644
index 0000000..b59ae65
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/LockoutConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class LockoutConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/PasswordConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/PasswordConfiguration.cs
new file mode 100644
index 0000000..c590cdd
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/PasswordConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class PasswordConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/ProviderConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/ProviderConfiguration.cs
new file mode 100644
index 0000000..cf3f702
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/ProviderConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class ProviderConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/RepositoryConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/RepositoryConfiguration.cs
new file mode 100644
index 0000000..cb55903
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/RepositoryConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class RepositoryConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Models/Configuration/UserConfiguration.cs b/DotBased.ASP.Auth/Models/Configuration/UserConfiguration.cs
new file mode 100644
index 0000000..a4dd082
--- /dev/null
+++ b/DotBased.ASP.Auth/Models/Configuration/UserConfiguration.cs
@@ -0,0 +1,6 @@
+namespace DotBased.ASP.Auth.Models.Configuration;
+
+public class UserConfiguration
+{
+    
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/SecurityManager.cs b/DotBased.ASP.Auth/SecurityManager.cs
new file mode 100644
index 0000000..0067eae
--- /dev/null
+++ b/DotBased.ASP.Auth/SecurityManager.cs
@@ -0,0 +1,9 @@
+namespace DotBased.ASP.Auth.Managers;
+
+public class SecurityManager
+{
+    public SecurityManager()
+    {
+        
+    }
+}
\ No newline at end of file
diff --git a/DotBased.ASP.Auth/Services/SecurityService.cs b/DotBased.ASP.Auth/SecurityService.cs
similarity index 96%
rename from DotBased.ASP.Auth/Services/SecurityService.cs
rename to DotBased.ASP.Auth/SecurityService.cs
index 851c0a5..748e0a7 100644
--- a/DotBased.ASP.Auth/Services/SecurityService.cs
+++ b/DotBased.ASP.Auth/SecurityService.cs
@@ -7,7 +7,7 @@ using DotBased.Logging;
 using Microsoft.AspNetCore.Components.Authorization;
 using Microsoft.AspNetCore.Components.Server.ProtectedBrowserStorage;
 
-namespace DotBased.ASP.Auth.Services;
+namespace DotBased.ASP.Auth;
 
 public class SecurityService
 {
@@ -60,9 +60,9 @@ public class SecurityService
             new(ClaimTypes.Surname, userResult.Value.FamilyName),
             new(ClaimTypes.Email, userResult.Value.Email)
         };
-        //TODO: combine group, user roles
         claims.AddRange(userResult.Value.Groups.Select(group => new Claim(ClaimTypes.GroupSid, group.Id)));
         claims.AddRange(userResult.Value.Roles.Select(role => new Claim(ClaimTypes.Role, role.Name)));
+        claims.AddRange(userResult.Value.Groups.Select(g => g.Roles).SelectMany(gRolesList => gRolesList, (_, role) => new Claim(ClaimTypes.Role, role.Name)));
         var claimsIdentity = new ClaimsIdentity(claims, BasedAuthDefaults.AuthenticationScheme);
         var authState = new AuthenticationState(new ClaimsPrincipal(claimsIdentity));
         _dataCache.CacheSessionState(authStateModel, authState);