diff --git a/.env.test b/.env.test
index 41fcc85..e4a18cc 100644
--- a/.env.test
+++ b/.env.test
@@ -2,3 +2,4 @@
DATABASE_URL="postgresql://localhost/contributors_test"
SERVE_STATIC_ASSETS="true"
WEB_SESSIONS_SECRET="79bf4569447bc93d5cf6923dfe68561261ff289ffe2afdd2e24f062be5bda573"
+API_SESSIONS_SECRET="362a916eb6c3945b761bfd4dc02e24c6f7ba64891afbfdb538ae8a721b7aac41"
diff --git a/apps/api/application.rb b/apps/api/application.rb
new file mode 100644
index 0000000..fdf8d21
--- /dev/null
+++ b/apps/api/application.rb
@@ -0,0 +1,320 @@
+module Api
+ class Application < Hanami::Application
+ configure do
+ ##
+ # BASIC
+ #
+
+ # Define the root path of this application.
+ # All paths specified in this configuration are relative to path below.
+ #
+ root __dir__
+
+ # Relative load paths where this application will recursively load the
+ # code.
+ #
+ # When you add new directories, remember to add them here.
+ #
+ load_paths << %w[controllers serializators]
+
+ # Handle exceptions with HTTP statuses (true) or don't catch them (false).
+ # Defaults to true.
+ # See: http://www.rubydoc.info/gems/hanami-controller/#Exceptions_management
+ #
+ # handle_exceptions true
+
+ ##
+ # HTTP
+ #
+
+ # Routes definitions for this application
+ # See: http://www.rubydoc.info/gems/hanami-router#Usage
+ #
+ routes 'config/routes'
+
+ # URI scheme used by the routing system to generate absolute URLs
+ # Defaults to "http"
+ #
+ # scheme 'https'
+
+ # URI host used by the routing system to generate absolute URLs
+ # Defaults to "localhost"
+ #
+ # host 'example.org'
+
+ # URI port used by the routing system to generate absolute URLs
+ # Argument: An object coercible to integer, defaults to 80 if the scheme
+ # is http and 443 if it's https
+ #
+ # This should only be configured if app listens to non-standard ports
+ #
+ # port 443
+
+ # Enable cookies
+ # Argument: boolean to toggle the feature
+ # A Hash with options
+ #
+ # Options:
+ # :domain - The domain (String - nil by default, not required)
+ # :path - Restrict cookies to a relative URI
+ # (String - nil by default)
+ # :max_age - Cookies expiration expressed in seconds
+ # (Integer - nil by default)
+ # :secure - Restrict cookies to secure connections
+ # (Boolean - Automatically true when using HTTPS)
+ # See #scheme and #ssl?
+ # :httponly - Prevent JavaScript access (Boolean - true by default)
+ #
+ # cookies true
+ # or
+ # cookies max_age: 300
+
+ # Enable sessions
+ # Argument: Symbol the Rack session adapter
+ # A Hash with options
+ #
+ # See: http://www.rubydoc.info/gems/rack/Rack/Session/Cookie
+ #
+ # sessions :cookie, secret: ENV['API_SESSIONS_SECRET']
+
+ # Configure Rack middleware for this application
+ #
+ # middleware.use Rack::Protection
+
+ # Default format for the requests that don't specify an HTTP_ACCEPT header
+ # Argument: A symbol representation of a mime type, defaults to :html
+ #
+ # default_request_format :html
+
+ # Default format for responses that don't consider the request format
+ # Argument: A symbol representation of a mime type, defaults to :html
+ #
+ default_response_format :json
+
+ # HTTP Body parsers
+ # Parse non GET responses body for a specific mime type
+ # Argument: Symbol, which represent the format of the mime type
+ # (only `:json` is supported)
+ # Object, the parser
+ #
+ body_parsers :json
+
+ # When it's true and the router receives a non-encrypted request (http),
+ # it redirects to the secure equivalent (https). Disabled by default.
+ #
+ # force_ssl true
+
+ ##
+ # TEMPLATES
+ #
+
+ # The layout to be used by all views
+ #
+ # layout :application # It will load Api::Views::ApplicationLayout
+
+ # The relative path to templates
+ #
+ # templates 'templates'
+
+ ##
+ # ASSETS
+ #
+ # assets do
+ # JavaScript compressor
+ #
+ # Supported engines:
+ #
+ # * :builtin
+ # * :uglifier
+ # * :yui
+ # * :closure
+ #
+ # See: http://hanamirb.org/guides/assets/compressors
+ #
+ # In order to skip JavaScript compression comment the following line
+ # javascript_compressor :builtin
+
+ # Stylesheet compressor
+ #
+ # Supported engines:
+ #
+ # * :builtin
+ # * :yui
+ # * :sass
+ #
+ # See: http://hanamirb.org/guides/assets/compressors
+ #
+ # In order to skip stylesheet compression comment the following line
+ # stylesheet_compressor :builtin
+
+ # Specify sources for assets
+ #
+ # sources << [
+ # 'assets'
+ # ]
+ # end
+
+ ##
+ # SECURITY
+ #
+
+ # X-Frame-Options is a HTTP header supported by modern browsers.
+ # It determines if a web page can or cannot be included via and
+ #