diff --git a/DOL.WHD.Section14c.Api/App_Start/DependencyResolutionConfig.cs b/DOL.WHD.Section14c.Api/App_Start/DependencyResolutionConfig.cs
index 00bacc63..ba6df78d 100644
--- a/DOL.WHD.Section14c.Api/App_Start/DependencyResolutionConfig.cs
+++ b/DOL.WHD.Section14c.Api/App_Start/DependencyResolutionConfig.cs
@@ -1,9 +1,9 @@
-using System.Configuration;
-using System.Web.Http;
+using System.Web.Http;
 using DOL.WHD.Section14c.Business;
 using DOL.WHD.Section14c.Business.Factories;
 using DOL.WHD.Section14c.Business.Services;
 using DOL.WHD.Section14c.Business.Validators;
+using DOL.WHD.Section14c.Common;
 using DOL.WHD.Section14c.DataAccess;
 using DOL.WHD.Section14c.DataAccess.Repositories;
 using SimpleInjector;
@@ -23,7 +23,7 @@ public static void Register()
             container.Register<ISaveRepository, SaveRepository>(Lifestyle.Scoped);
             container.Register<ISaveService, SaveService>(Lifestyle.Scoped);
             container.Register<IIdentityService, IdentityService>(Lifestyle.Scoped);
-            container.Register<IFileRepository>(() => new FileRepository(ConfigurationManager.AppSettings["AttachmentRepositoryRootFolder"]), Lifestyle.Scoped);
+            container.Register<IFileRepository>(() => new FileRepository(AppSettings.Get<string>("AttachmentRepositoryRootFolder")), Lifestyle.Scoped);
             container.Register<IApplicationRepository, ApplicationRepository>(Lifestyle.Scoped);
             container.Register<IApplicationService, ApplicationService>(Lifestyle.Scoped);
             container.Register<IApplicationSummaryFactory, ApplicationSummaryFactory>(Lifestyle.Scoped);
diff --git a/DOL.WHD.Section14c.Api/App_Start/RouteConfig.cs b/DOL.WHD.Section14c.Api/App_Start/RouteConfig.cs
index de0ffaba..369a069c 100644
--- a/DOL.WHD.Section14c.Api/App_Start/RouteConfig.cs
+++ b/DOL.WHD.Section14c.Api/App_Start/RouteConfig.cs
@@ -9,6 +9,12 @@ public static void RegisterRoutes(RouteCollection routes)
         {
             routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
 
+            routes.MapRoute(
+                "Help Area",
+                "",
+                new { controller = "Help", action = "Index" }
+            ).DataTokens = new RouteValueDictionary(new { area = "HelpPage" });
+
             routes.MapRoute(
                 name: "Default",
                 url: "{controller}/{action}/{id}",
diff --git a/DOL.WHD.Section14c.Api/App_Start/Startup.Auth.cs b/DOL.WHD.Section14c.Api/App_Start/Startup.Auth.cs
index d5d191b0..6739009f 100644
--- a/DOL.WHD.Section14c.Api/App_Start/Startup.Auth.cs
+++ b/DOL.WHD.Section14c.Api/App_Start/Startup.Auth.cs
@@ -1,15 +1,11 @@
 using System;
-using System.Configuration;
-using System.Security.Claims;
 using System.Threading.Tasks;
 using System.Web;
 using DOL.WHD.Section14c.Api.Providers;
+using DOL.WHD.Section14c.Common;
 using DOL.WHD.Section14c.DataAccess;
 using DOL.WHD.Section14c.DataAccess.Identity;
-using DOL.WHD.Section14c.Domain.Models.Identity;
 using Microsoft.AspNet.Identity;
-using Microsoft.AspNet.Identity.EntityFramework;
-using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin;
 using Microsoft.Owin.Security.Cookies;
 using Microsoft.Owin.Security.OAuth;
@@ -36,7 +32,7 @@ public void ConfigureAuth(IAppBuilder app)
             app.UseCookieAuthentication(new CookieAuthenticationOptions()
             {
                 AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
-                ExpireTimeSpan = TimeSpan.FromMinutes(Convert.ToDouble(ConfigurationManager.AppSettings["AccessTokenExpireTimeSpanMinutes"])),
+                ExpireTimeSpan = TimeSpan.FromMinutes(AppSettings.Get<double>("AccessTokenExpireTimeSpanMinutes")),
                 Provider = new CookieAuthenticationProvider
                 {
                     OnValidateIdentity = ctx =>
@@ -67,9 +63,8 @@ public void ConfigureAuth(IAppBuilder app)
             {
                 TokenEndpointPath = new PathString("/Token"),
                 Provider = new ApplicationOAuthProvider(PublicClientId),
-                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(Convert.ToDouble(ConfigurationManager.AppSettings["AccessTokenExpireTimeSpanMinutes"])),
-                // In production mode set AllowInsecureHttp = false
-                AllowInsecureHttp = false
+                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(AppSettings.Get<double>("AccessTokenExpireTimeSpanMinutes")),
+                AllowInsecureHttp = !AppSettings.Get<bool>("RequireHttps")
             };
 
             app.Use(async (context, next) =>
diff --git a/DOL.WHD.Section14c.Api/Areas/HelpPage/Views/Help/Index.cshtml b/DOL.WHD.Section14c.Api/Areas/HelpPage/Views/Help/Index.cshtml
index 69708848..b6d098ed 100644
--- a/DOL.WHD.Section14c.Api/Areas/HelpPage/Views/Help/Index.cshtml
+++ b/DOL.WHD.Section14c.Api/Areas/HelpPage/Views/Help/Index.cshtml
@@ -6,7 +6,7 @@
 @model Collection<ApiDescription>
 
 @{
-    ViewBag.Title = "DOL WHD Section 14c API Help";
+    ViewBag.Title = "DOL.WHD.Section.14c.API";
 
     // Group APIs by controller
     ILookup<HttpControllerDescriptor, ApiDescription> apiGroups = Model.ToLookup(api => api.ActionDescriptor.ControllerDescriptor);
@@ -23,10 +23,7 @@
 <div id="body" class="help-page">
     <section class="featured">
         <div class="content-wrapper">
-            <h2>Introduction</h2>
-            <p>
-                Provide a general description of your APIs here.
-            </p>
+            Version: @typeof(DOL.WHD.Section14c.Api.WebApiApplication).Assembly.GetName().Version
         </div>
     </section>
     <section class="content-wrapper main-content clear-fix">
diff --git a/DOL.WHD.Section14c.Api/Controllers/AccountController.cs b/DOL.WHD.Section14c.Api/Controllers/AccountController.cs
index 8d9753de..325cad8e 100644
--- a/DOL.WHD.Section14c.Api/Controllers/AccountController.cs
+++ b/DOL.WHD.Section14c.Api/Controllers/AccountController.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Configuration;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
@@ -18,6 +17,7 @@
 using System.Linq;
 using System.Collections.Generic;
 using System.Data.Entity;
+using DOL.WHD.Section14c.Common;
 using DOL.WHD.Section14c.Domain.Models.Identity;
 
 namespace DOL.WHD.Section14c.Api.Controllers
@@ -56,8 +56,8 @@ public async Task<IHttpActionResult> Register(RegisterViewModel model)
             }
 
             // Validate Recaptcha
-            var reCaptchaVerfiyUrl = ConfigurationManager.AppSettings["ReCaptchaVerfiyUrl"];
-            var reCaptchaSecretKey = ConfigurationManager.AppSettings["ReCaptchaSecretKey"];
+            var reCaptchaVerfiyUrl = AppSettings.Get<string>("ReCaptchaVerfiyUrl");
+            var reCaptchaSecretKey = AppSettings.Get<string>("ReCaptchaSecretKey");
             if (!string.IsNullOrEmpty(reCaptchaVerfiyUrl) && !string.IsNullOrEmpty(reCaptchaSecretKey))
             {
                 var remoteIpAddress = Request.GetOwinContext().Request.RemoteIpAddress;
diff --git a/DOL.WHD.Section14c.Api/DOL.WHD.Section14c.Api.csproj b/DOL.WHD.Section14c.Api/DOL.WHD.Section14c.Api.csproj
index d13c3891..3fcdba79 100644
--- a/DOL.WHD.Section14c.Api/DOL.WHD.Section14c.Api.csproj
+++ b/DOL.WHD.Section14c.Api/DOL.WHD.Section14c.Api.csproj
@@ -314,6 +314,10 @@
       <Project>{7cd1d7dd-ce24-4280-b8bd-0b8b9abb0ffc}</Project>
       <Name>DOL.WHD.Section14c.Business</Name>
     </ProjectReference>
+    <ProjectReference Include="..\DOL.WHD.Section14c.Common\DOL.WHD.Section14c.Common.csproj">
+      <Project>{9C06ABE3-28D2-4BAB-BAA4-11B6C404B329}</Project>
+      <Name>DOL.WHD.Section14c.Common</Name>
+    </ProjectReference>
     <ProjectReference Include="..\DOL.WHD.Section14c.DataAccess\DOL.WHD.Section14c.DataAccess.csproj">
       <Project>{F7033F89-ED1B-4784-AEAB-D8808FBBEC92}</Project>
       <Name>DOL.WHD.Section14c.DataAccess</Name>
diff --git a/DOL.WHD.Section14c.Api/Filters/AuthorizeHttps.cs b/DOL.WHD.Section14c.Api/Filters/AuthorizeHttps.cs
index c6363ab9..f2abfc17 100644
--- a/DOL.WHD.Section14c.Api/Filters/AuthorizeHttps.cs
+++ b/DOL.WHD.Section14c.Api/Filters/AuthorizeHttps.cs
@@ -3,6 +3,7 @@
 using System.Net.Http;
 using System.Web.Http;
 using System.Web.Http.Controllers;
+using DOL.WHD.Section14c.Common;
 
 namespace DOL.WHD.Section14c.Api.Filters
 {
@@ -10,10 +11,7 @@ public class AuthorizeHttps : AuthorizeAttribute
     {
         public override void OnAuthorization(HttpActionContext actionContext)
         {
-            if (SkipAuthorization(actionContext))
-                return;
-
-            if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps)
+            if (actionContext.Request.RequestUri.Scheme != Uri.UriSchemeHttps  && AppSettings.Get<bool>("RequireHttps"))
             {
                 actionContext.Response = new HttpResponseMessage(System.Net.HttpStatusCode.Forbidden)
                 {
@@ -22,6 +20,9 @@ public override void OnAuthorization(HttpActionContext actionContext)
             }
             else
             {
+                if (SkipAuthorization(actionContext))
+                    return;
+
                 base.OnAuthorization(actionContext);
             }
         }
diff --git a/DOL.WHD.Section14c.Api/Parameters.xml b/DOL.WHD.Section14c.Api/Parameters.xml
index 2951a196..dfc120cc 100644
--- a/DOL.WHD.Section14c.Api/Parameters.xml
+++ b/DOL.WHD.Section14c.Api/Parameters.xml
@@ -53,5 +53,7 @@
   <parameter name="EmailFrom" defaultValue="no-reply@dol.gov">
     <parameterEntry kind="XmlFile" scope="web\.config$" match="/configuration/system.net/mailSettings/smtp/@from" />
   </parameter>
-
+  <parameter name="RequireHttps" defaultValue="true">
+    <parameterEntry kind="XmlFile" scope="web\.config$" match="/configuration/appSettings/add[@key='RequireHttps']/@value" />
+  </parameter>
 </parameters>
\ No newline at end of file
diff --git a/DOL.WHD.Section14c.Api/Providers/ApplicationOAuthProvider.cs b/DOL.WHD.Section14c.Api/Providers/ApplicationOAuthProvider.cs
index eca952ed..dd9c385d 100644
--- a/DOL.WHD.Section14c.Api/Providers/ApplicationOAuthProvider.cs
+++ b/DOL.WHD.Section14c.Api/Providers/ApplicationOAuthProvider.cs
@@ -1,17 +1,14 @@
 using System;
 using System.Collections.Generic;
-using System.Configuration;
 using System.Data.Entity;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using DOL.WHD.Section14c.DataAccess.Identity;
-using DOL.WHD.Section14c.Domain.Models;
 using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Cookies;
 using Microsoft.Owin.Security.OAuth;
-using System.Linq;
-using DOL.WHD.Section14c.Domain.Models.Identity;
+using DOL.WHD.Section14c.Common;
 
 namespace DOL.WHD.Section14c.Api.Providers
 {
@@ -38,7 +35,7 @@ public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwner
             if (user != null)
             {
                 var passwordExpired = false;
-                var passwordExpirationDays = Convert.ToInt32(ConfigurationManager.AppSettings["PasswordExpirationDays"]);
+                var passwordExpirationDays = AppSettings.Get<int>("PasswordExpirationDays");
                 if (passwordExpirationDays > 0)
                 {
                     passwordExpired = user.LastPasswordChangedDate.AddDays(passwordExpirationDays) < DateTime.Now;
diff --git a/DOL.WHD.Section14c.Api/Providers/RestrictedMultipartMemoryStreamProvider.cs b/DOL.WHD.Section14c.Api/Providers/RestrictedMultipartMemoryStreamProvider.cs
index cf9876f7..a8a0891f 100644
--- a/DOL.WHD.Section14c.Api/Providers/RestrictedMultipartMemoryStreamProvider.cs
+++ b/DOL.WHD.Section14c.Api/Providers/RestrictedMultipartMemoryStreamProvider.cs
@@ -1,9 +1,8 @@
-using System;
-using System.Configuration;
-using System.IO;
+using System.IO;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Text.RegularExpressions;
+using DOL.WHD.Section14c.Common;
 
 namespace DOL.WHD.Section14c.Api.Providers
 {
@@ -11,7 +10,7 @@ public class RestrictedMultipartMemoryStreamProvider : MultipartMemoryStreamProv
     {
         public override Stream GetStream(HttpContent parent, HttpContentHeaders headers)
         {
-            var pattern = ConfigurationManager.AppSettings["AllowedFileNamesRegex"];
+            var pattern = AppSettings.Get<string>("AllowedFileNamesRegex");
             var fileNameRegex = new Regex(pattern);
             var fileName = headers.ContentDisposition.FileName;
 
diff --git a/DOL.WHD.Section14c.Api/Web.config b/DOL.WHD.Section14c.Api/Web.config
index fdd3b34b..dbaaf310 100644
--- a/DOL.WHD.Section14c.Api/Web.config
+++ b/DOL.WHD.Section14c.Api/Web.config
@@ -23,6 +23,7 @@
     <add key="ReCaptchaSecretKey" value="6LeqeggUAAAAAEY5KpgWZGkOHnkyQXmiSKg7tqsY" /> <!-- If key is not provided, server-side ReCaptcha validation is disabled -->
     <add key="AttachmentRepositoryRootFolder" value="C:\temp\DOL-WHD-Section14c-Attachments\"/>
     <add key="AllowedFileNamesRegex" value="^(.*\.(doc|docx|xls|xlsx|pdf|jpg|jpeg|png)$)?[^.]*$" />
+    <add key="RequireHttps" value="true" />
   </appSettings>
   <!--
     For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.
diff --git a/DOL.WHD.Section14c.Common/AppSettings.cs b/DOL.WHD.Section14c.Common/AppSettings.cs
new file mode 100644
index 00000000..0388e786
--- /dev/null
+++ b/DOL.WHD.Section14c.Common/AppSettings.cs
@@ -0,0 +1,17 @@
+using System.ComponentModel;
+using System.Configuration;
+
+namespace DOL.WHD.Section14c.Common
+{
+    public static class AppSettings
+    {
+        public static T Get<T>(string key)
+        {
+            var appSetting = ConfigurationManager.AppSettings[key];
+            if (string.IsNullOrWhiteSpace(appSetting)) throw new SettingsPropertyNotFoundException(key);
+
+            var converter = TypeDescriptor.GetConverter(typeof(T));
+            return (T)(converter.ConvertFromInvariantString(appSetting));
+        }
+    }
+}
diff --git a/DOL.WHD.Section14c.Common/DOL.WHD.Section14c.Common.csproj b/DOL.WHD.Section14c.Common/DOL.WHD.Section14c.Common.csproj
index 60ace1f6..e7a2e8c8 100644
--- a/DOL.WHD.Section14c.Common/DOL.WHD.Section14c.Common.csproj
+++ b/DOL.WHD.Section14c.Common/DOL.WHD.Section14c.Common.csproj
@@ -34,6 +34,7 @@
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="System" />
+    <Reference Include="System.Configuration" />
     <Reference Include="System.Core" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
@@ -43,6 +44,7 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
+    <Compile Include="AppSettings.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
diff --git a/DOL.WHD.Section14c.DataAccess/DOL.WHD.Section14c.DataAccess.csproj b/DOL.WHD.Section14c.DataAccess/DOL.WHD.Section14c.DataAccess.csproj
index 92e832ad..683b792a 100644
--- a/DOL.WHD.Section14c.DataAccess/DOL.WHD.Section14c.DataAccess.csproj
+++ b/DOL.WHD.Section14c.DataAccess/DOL.WHD.Section14c.DataAccess.csproj
@@ -249,6 +249,10 @@
     <None Include="packages.config" />
   </ItemGroup>
   <ItemGroup>
+    <ProjectReference Include="..\DOL.WHD.Section14c.Common\DOL.WHD.Section14c.Common.csproj">
+      <Project>{9C06ABE3-28D2-4BAB-BAA4-11B6C404B329}</Project>
+      <Name>DOL.WHD.Section14c.Common</Name>
+    </ProjectReference>
     <ProjectReference Include="..\DOL.WHD.Section14c.Domain\DOL.WHD.Section14c.Domain.csproj">
       <Project>{CAE5367B-F6CD-440F-9524-5AE43A38116E}</Project>
       <Name>DOL.WHD.Section14c.Domain</Name>
diff --git a/DOL.WHD.Section14c.DataAccess/Identity/IdentityConfig.cs b/DOL.WHD.Section14c.DataAccess/Identity/IdentityConfig.cs
index 3a26f09a..2ea1fc8c 100644
--- a/DOL.WHD.Section14c.DataAccess/Identity/IdentityConfig.cs
+++ b/DOL.WHD.Section14c.DataAccess/Identity/IdentityConfig.cs
@@ -1,8 +1,7 @@
 using System;
-using System.Configuration;
 using System.Threading.Tasks;
+using DOL.WHD.Section14c.Common;
 using DOL.WHD.Section14c.DataAccess.Validators;
-using DOL.WHD.Section14c.Domain.Models;
 using DOL.WHD.Section14c.Domain.Models.Identity;
 using Microsoft.AspNet.Identity;
 using Microsoft.AspNet.Identity.EntityFramework;
@@ -44,9 +43,9 @@ public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUs
             };
 
             // Configure lockout
-            manager.UserLockoutEnabledByDefault = Convert.ToBoolean(ConfigurationManager.AppSettings["UserLockoutEnabledByDefault"]);
-            manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(Double.Parse(ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"]));
-            manager.MaxFailedAccessAttemptsBeforeLockout = Convert.ToInt32(ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"]);
+            manager.UserLockoutEnabledByDefault = AppSettings.Get<bool>("UserLockoutEnabledByDefault");
+            manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(AppSettings.Get<double>("DefaultAccountLockoutTimeSpan"));
+            manager.MaxFailedAccessAttemptsBeforeLockout = AppSettings.Get<int>("MaxFailedAccessAttemptsBeforeLockout");
 
             var dataProtectionProvider = options.DataProtectionProvider;
             if (dataProtectionProvider != null)
@@ -54,7 +53,7 @@ public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUs
                 manager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"))
                 {
                     //Code for email confirmation and reset password life time
-                    TokenLifespan = TimeSpan.FromHours(Double.Parse(ConfigurationManager.AppSettings["EmailVeriryAndPaswordRestTokenExpireHours"]))
+                    TokenLifespan = TimeSpan.FromHours(AppSettings.Get<double>("EmailVeriryAndPaswordRestTokenExpireHours"))
                 };
             }
             return manager;
diff --git a/DOL.WHD.Section14c.Test/Business/SaveServiceTests.cs b/DOL.WHD.Section14c.Test/Business/SaveServiceTests.cs
index 8f806610..1439b2d7 100644
--- a/DOL.WHD.Section14c.Test/Business/SaveServiceTests.cs
+++ b/DOL.WHD.Section14c.Test/Business/SaveServiceTests.cs
@@ -22,7 +22,7 @@ public class SaveServiceTests
         public SaveServiceTests()
         {
             _saveRepositoryMock = new SaveRepositoryMock();
-            _fileRepositoryMock = new FileRepository("TestUploads");
+            _fileRepositoryMock = new FileRepository(@"TestUploads\");
         }
 
         [TestMethod]
diff --git a/DOL.WHD.Section14c.Test/Common/AppSettingsTests.cs b/DOL.WHD.Section14c.Test/Common/AppSettingsTests.cs
new file mode 100644
index 00000000..295814fb
--- /dev/null
+++ b/DOL.WHD.Section14c.Test/Common/AppSettingsTests.cs
@@ -0,0 +1,51 @@
+using System.Configuration;
+using DOL.WHD.Section14c.Common;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+
+namespace DOL.WHD.Section14c.Test.Common
+{
+    [TestClass]
+    public class AppSettingsTests
+    {
+        [TestMethod]
+        [ExpectedException(typeof(SettingsPropertyNotFoundException))]
+
+        public void SetttingNotAvailable()
+        {
+            AppSettings.Get<bool>("unknown");
+        }
+
+        [TestMethod]
+
+        public void SetttingConfigured_ReturnsCorrectBool()
+        {
+            var results = AppSettings.Get<bool>("BoolConfig");
+            Assert.AreEqual(results, true);
+        }
+
+        [TestMethod]
+
+        public void SetttingConfigured_ReturnsInt()
+        {
+            var results = AppSettings.Get<int>("IntConfig");
+            Assert.AreEqual(results, 1);
+        }
+
+        [TestMethod]
+
+        public void SetttingConfigured_ReturnsString()
+        {
+            var results = AppSettings.Get<string>("StringConfig");
+            Assert.AreEqual(results, "value");
+        }
+
+        [TestMethod]
+
+        public void SetttingConfigured_ReturnsDouble()
+        {
+            var results = AppSettings.Get<double>("DoubleConfig");
+            Assert.AreEqual(results, 123.4);
+        }
+
+    }
+}
diff --git a/DOL.WHD.Section14c.Test/DOL.WHD.Section14c.Test.csproj b/DOL.WHD.Section14c.Test/DOL.WHD.Section14c.Test.csproj
index 4de4f75f..542886bf 100644
--- a/DOL.WHD.Section14c.Test/DOL.WHD.Section14c.Test.csproj
+++ b/DOL.WHD.Section14c.Test/DOL.WHD.Section14c.Test.csproj
@@ -114,6 +114,7 @@
     <Compile Include="Business\Validators\WIOAWorkerValidatorTests.cs" />
     <Compile Include="Business\Validators\WorkerCountInfoValidatorTests.cs" />
     <Compile Include="Business\Validators\WorkSiteValidatorTests.cs" />
+    <Compile Include="Common\AppSettingsTests.cs" />
     <Compile Include="Domain\BaseEntityTests.cs" />
     <Compile Include="Domain\Models\FeatureTests.cs" />
     <Compile Include="Domain\Models\Identity\ApplicationUserRoleTests.cs" />
@@ -159,6 +160,10 @@
       <Project>{7cd1d7dd-ce24-4280-b8bd-0b8b9abb0ffc}</Project>
       <Name>DOL.WHD.Section14c.Business</Name>
     </ProjectReference>
+    <ProjectReference Include="..\DOL.WHD.Section14c.Common\DOL.WHD.Section14c.Common.csproj">
+      <Project>{9C06ABE3-28D2-4BAB-BAA4-11B6C404B329}</Project>
+      <Name>DOL.WHD.Section14c.Common</Name>
+    </ProjectReference>
     <ProjectReference Include="..\DOL.WHD.Section14c.DataAccess\DOL.WHD.Section14c.DataAccess.csproj">
       <Project>{f7033f89-ed1b-4784-aeab-d8808fbbec92}</Project>
       <Name>DOL.WHD.Section14c.DataAccess</Name>
diff --git a/DOL.WHD.Section14c.Test/app.config b/DOL.WHD.Section14c.Test/app.config
index 45303beb..656330fe 100644
--- a/DOL.WHD.Section14c.Test/app.config
+++ b/DOL.WHD.Section14c.Test/app.config
@@ -12,4 +12,13 @@
       </dependentAssembly>
     </assemblyBinding>
   </runtime>
-<startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/></startup></configuration>
+  <appSettings>
+    <add key="BoolConfig" value="true" />
+    <add key="IntConfig" value="1" />
+    <add key="StringConfig" value="value" />
+    <add key="DoubleConfig" value="123.4" />
+  </appSettings>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.1"/>
+  </startup>
+</configuration>
\ No newline at end of file
diff --git a/DOL.WHD.Section14c.Web/env.js b/DOL.WHD.Section14c.Web/env.js
index 2a40d2cf..66467e70 100644
--- a/DOL.WHD.Section14c.Web/env.js
+++ b/DOL.WHD.Section14c.Web/env.js
@@ -7,4 +7,8 @@
     // Google reCaptcha Site Key
     window.__env.reCaptchaSiteKey = '6LeqeggUAAAAALC5zT4OHbDJk9gHNT0GGZbJMOnG';
 
+    window.__env.requireHttps = true;
+
+    window.__env.tokenCookieDurationMinutes = 20160;
+
 }(this));
diff --git a/DOL.WHD.Section14c.Web/src/modules/services/stateService.js b/DOL.WHD.Section14c.Web/src/modules/services/stateService.js
index 5c63af19..bcf44e3c 100644
--- a/DOL.WHD.Section14c.Web/src/modules/services/stateService.js
+++ b/DOL.WHD.Section14c.Web/src/modules/services/stateService.js
@@ -7,7 +7,7 @@ import property from 'lodash/property'
 
 
 module.exports = function(ngModule) {
-    ngModule.service('stateService', function($cookies, moment, apiService, $q) {
+    ngModule.service('stateService', function($cookies, moment, apiService, $q, _env) {
         'use strict';
 
         const sectionArray = ['assurances', 'app-info', 'employer', 'wage-data', 'work-sites', 'wioa'];
@@ -36,8 +36,8 @@ module.exports = function(ngModule) {
             },
             set: function(value) {
                 $cookies.put(accessTokenCookieName, value, {
-                    secure: true,
-                    expires: moment().add(1, 'y').toDate()
+                    secure: _env.requireHttps,
+                    expires: moment().add(_env.tokenCookieDurationMinutes, 'm').toDate()
                 });
             }
         });
@@ -89,6 +89,8 @@ module.exports = function(ngModule) {
                     }, function (error) {
                         d.reject(error);
                     });
+                } else {
+                    d.resolve();
                 }
             }, function (error) {
                 d.reject(error);
diff --git a/DOL.WHD.Section14c.Web/webpack.config.js b/DOL.WHD.Section14c.Web/webpack.config.js
index 38436487..16b702f0 100644
--- a/DOL.WHD.Section14c.Web/webpack.config.js
+++ b/DOL.WHD.Section14c.Web/webpack.config.js
@@ -18,7 +18,7 @@ module.exports = {
 	devServer: {
 		inline: true,
 		port: 3333,
-        https: true,
+        https: true
 	},
 	module: {
         preLoaders: [
diff --git a/README.md b/README.md
index 3a2aeb81..0a6bc294 100644
--- a/README.md
+++ b/README.md
@@ -85,6 +85,8 @@ All configurations for the Web project are set in the env.js. This file is exclu
 | --- | --- | ---
 api_url* | Full URL of the REST API Service | http://localhost:3334 (Local develoment URL)
 reCaptchaSiteKey* | reCaptcha Site Key | (Development Key with localhost enabled)
+requireHttps | Use secure cookie | true
+tokenCookieDurationMinutes | Token Cookie Expiration in Minutes | 20160 (14 days to match server AccessTokenExpireTimeSpanMinutes)
 
 \* Must be configured during deployment
 
@@ -111,6 +113,7 @@ MaxFailedAccessAttemptsBeforeLockout | Login attempts befer user is locked out |
 PasswordExpirationDays | Number of days before password must be changes | 90
 AccessTokenExpireTimeSpanMinutes | Token Expiration Minutes for Reset Password and Email Verification Links | 20160 (14 days, ASP.net Default)
 AllowedFileNamesRegex | Regex for allowed filenames | ^(.*\.(doc|docx|xls|xlsx|ppt|pptx|pdf)$)?[^.]*$
+RequireHttps | Require HTTPS for secure communication | true
 
 \* Must be configured during deployment