diff --git a/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java b/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
index b04e38b..2b976b7 100644
--- a/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
+++ b/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
@@ -54,7 +54,7 @@ public class JwtRequestFilter extends OncePerRequestFilter {
 private void isValidToken(HttpServletRequest request, String jwtToken) {
 String requestUrl = request.getRequestURI();
- String refreshTokenUrl = "/authentication-service/authentication/v1/refresh-token";
+ String refreshTokenUrl = "/api/authentication/refresh-token";
 if (!refreshTokenUrl.equals(requestUrl)) {
 var isValid = isValidAuthenticateToken(jwtToken);
 if (!isValid) {
diff --git a/src/main/java/com/iconplus/smartproc/configuration/WebSecurityConfig.java b/src/main/java/com/iconplus/smartproc/configuration/WebSecurityConfig.java
index 9c6274a..0546d49 100644
--- a/src/main/java/com/iconplus/smartproc/configuration/WebSecurityConfig.java
+++ b/src/main/java/com/iconplus/smartproc/configuration/WebSecurityConfig.java
@@ -34,6 +34,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 .csrf().disable();
 httpSecurity.authorizeRequests()
 .antMatchers("/api*/**").permitAll()
+ .antMatchers("/api/authentication/*").permitAll()
 .antMatchers("/actuator/health").permitAll()
 .antMatchers("/swagger*/**").permitAll()
 .antMatchers("/v2*/**").permitAll()
diff --git a/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java b/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java
index 45aa828..c1d2761 100644
--- a/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java
+++ b/src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java
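Review bot: The refresh-token exemption in `isValidToken` compares a hard-coded literal with `request.getRequestURI()`, and the same path is encoded a second time in the WebSecurityConfig matcher, so the two can silently drift apart. `getRequestURI()` also carries the context path and any path parameters, so under a non-root deployment the literal would stop matching and the refresh call would be sent through access-token validation. Consider one shared constant compared against the servlet path, e.g. `if (!REFRESH_TOKEN_PATH.equals(request.getServletPath())) {`, with a comment stating that this branch deliberately skips access-token validation. The body of `isValidToken` continues outside the hunk.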
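Review bot: The added `.antMatchers("/api/authentication/*").permitAll()` can never take effect, because the preceding `.antMatchers("/api*/**").permitAll()` already matches every path under `/api` and the first matching rule wins. As written, Spring Security lets all `/api` requests through without authentication, so access control rests entirely on whatever JwtRequestFilter enforces, which is only partly visible in this commit. If the intent is that only the authentication endpoints are public, put the specific matcher first and replace the broad rule with `.antMatchers("/api/**").authenticated()`; note also that `/*` covers a single path segment only. The enclosing method starts and ends outside the hunk.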
@@ -31,12 +31,10 @@ public class TokenManagement extends BaseEntity {
 @Column(name = "user_id")
 private Long userId;
- @Lob
- @Column(name = "access_token")
+ @Column(name = "access_token", length = 2500)
 private String accessToken;
- @Lob
- @Column(name = "refresh_token")
+ @Column(name = "refresh_token", length = 2500)
 private String refreshToken;
 @Column(name = "issued_time")
diff --git a/src/main/java/com/iconplus/smartproc/model/projection/TokenManagementView.java b/src/main/java/com/iconplus/smartproc/model/projection/TokenManagementView.java
index 9e651d8..5bf6c24 100644
--- a/src/main/java/com/iconplus/smartproc/model/projection/TokenManagementView.java
+++ b/src/main/java/com/iconplus/smartproc/model/projection/TokenManagementView.java
@@ -7,10 +7,10 @@ public interface TokenManagementView {
 String getId();
 void setId(String id);
- String getUserId();
- void setUserId(String userId);
+ Long getUserId();
+ void setUserId(Long userId);
- Clob getAccessToken();
- void setAccessToken(Clob accessToken);
+ String getAccessToken();
+ void setAccessToken(String accessToken);
 }
diff --git a/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java b/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java
index 82a6e51..a0d1c86 100644
--- a/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java
+++ b/src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java
@@ -14,9 +14,9 @@ public interface TokenManagementRepository extends JpaRepository= SYSDATE", nativeQuery = true) - List findAccessTokenByUserIdAndDeletedFalse(String userId); + "AND is_delete = 0 " + + "AND expired_time >= CURRENT_TIMESTAMP", nativeQuery = true) + List findAccessTokenByUserIdAndDeletedFalse(Long userId); @Query(value = "SELECT tm from TokenManagement tm " + "WHERE tm.refreshToken = :refreshToken " +
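Review bot: `access_token` and `refresh_token` are persisted verbatim, and the new `length = 2500` cap makes token size a failure mode. The token appears to embed the claims built at login (including `accessMenu`), so once that set is populated a token may exceed the column and the insert would fail or truncate, depending on the database. Storing a fixed-length digest of each token instead, e.g. hex SHA-256 with `length = 64`, removes the size dependency and means read access to this table does not yield replayable bearer tokens; lookups would then compare digests. If raw storage is kept, add a comment on both fields such as `// JWT length grows with its claims; keep in step with the column size in the schema migration`. The class continues outside the hunk.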
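Review bot: The expiry filter `expired_time >= CURRENT_TIMESTAMP` compares against the database clock in the session time zone, while `expired_time` is presumably written by the application; if the two disagree on time zone, this query can still return an expired access token (or drop a valid one). Binding the instant from the application keeps both sides on one clock, e.g. `AND expired_time >= :now` with a matching parameter on `findAccessTokenByUserIdAndDeletedFalse`. The start of this query is not visible in the hunk, so how `userId` is bound could not be checked.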
diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java b/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java
index 82350c9..e52c99b 100644
--- a/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java
+++ b/src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java
@@ -18,6 +18,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Map;
 @Service
@@ -65,7 +66,7 @@ public class LoginService implements BaseService {
 .username(userRoleView.getUsername())
 .nama(userRoleView.getNama())
 .role(userRoleView.getRole())
- .accessMenu(null)
+ .accessMenu(new HashSet<>())
 .build();
 Map claims = new HashMap<>();
diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java b/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java
index a77aa51..85c9d5e 100644
--- a/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java
+++ b/src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java
@@ -27,7 +27,7 @@ public class PostCheckAccessTokenService implements BaseService tokenManagementViews = tokenManagementRepository.findAccessTokenByUserIdAndDeletedFalse(userId); if (tokenManagementViews.isEmpty()) {
@@ -38,7 +38,7 @@ public class PostCheckAccessTokenService implements BaseService userTokenList = tokenManagementViews.stream() - .map(c-> CommonUtil.clobToString(c.getAccessToken())) + .map(TokenManagementView::getAccessToken) .collect(Collectors.toList()); boolean isMatch = userTokenList.stream().anyMatch(s -> s.equals(input.getAccessToken()));
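Review bot: With the projection now returning a plain `String`, a row whose `access_token` is null makes `s.equals(input.getAccessToken())` throw a NullPointerException in the second PostCheckAccessTokenService hunk; whether `CommonUtil.clobToString` tolerated null before is not visible here. The intermediate `userTokenList` is also unnecessary, and comparing a bearer token with `String.equals` is not constant-time. Suggest adding `.filter(Objects::nonNull)` after the `map` and matching with `anyMatch(s -> MessageDigest.isEqual(s.getBytes(StandardCharsets.UTF_8), presented))`, where `presented` is computed once from `input.getAccessToken()` after a null check. The method starts and ends outside the hunk.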
diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java b/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java
index fba5e59..e32bdd4 100644
--- a/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java
+++ b/src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java
@@ -17,6 +17,7 @@ import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import java.util.HashSet;
 import java.util.Objects;
 @Service
@@ -72,7 +73,7 @@ public class TokenManagementService implements BaseService()) .build(); final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000);