diff --git a/src/Controller/CustomerAppAPI/ApiController.php b/src/Controller/CustomerAppAPI/ApiController.php
index 7104948c..8f699998 100644
--- a/src/Controller/CustomerAppAPI/ApiController.php
+++ b/src/Controller/CustomerAppAPI/ApiController.php
@@ -55,16 +55,17 @@ class ApiController extends BaseApiController
     protected function validateRequest(Request $req, $params = [])
     {
         $error = $this->hasMissingParams($req, $params);
+        $api_key = $req->query->get('api_key');
 
         if (!$error) {
-            if (!$this->validateSession($req->query->get('api_key'))) {
-                $error = 'Invalid API Key.';
+            if (empty($api_key) || !$this->validateSession($api_key)) {
+                $error = 'Invalid session key.';
             }
         }
 
         return [
             'is_valid' => !$error,
-            'message' => $error,
+            'error' => $error,
         ];
     }
 
diff --git a/src/Controller/CustomerAppAPI/AuthController.php b/src/Controller/CustomerAppAPI/AuthController.php
index a206f660..8ddda9a9 100644
--- a/src/Controller/CustomerAppAPI/AuthController.php
+++ b/src/Controller/CustomerAppAPI/AuthController.php
@@ -29,7 +29,6 @@ class AuthController extends ApiController
         }
 
         // retry until we get a unique id
-        /*
         while (true) {
             try {
                 // instantiate session
@@ -59,11 +58,10 @@ class AuthController extends ApiController
 
             break;
         }
-        */
 
         // return data
         return new ApiResponse(true, '', [
-            'session_id' => 123, //$sess->getID(),
+            'session_id' => $sess->getID(),
         ]);
     }
 
diff --git a/src/Entity/CustomerUser.php b/src/Entity/CustomerUser.php
new file mode 100644
index 00000000..1c2aee8b
--- /dev/null
+++ b/src/Entity/CustomerUser.php
@@ -0,0 +1,106 @@
+<?php
+
+namespace App\Entity;
+
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\Common\Collections\ArrayCollection;
+use Catalyst\ApiBundle\Entity\User as BaseUser;
+
+/**
+ * @ORM\Entity
+ * @ORM\Table(name="api_user")
+ */
+class CustomerUser extends BaseUser
+{
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * @ORM\Column(type="string", length=180)
+     */
+    protected $name;
+
+    /**
+     * @ORM\Column(type="string", length=100)
+     */
+    protected $contact_number;
+
+    /**
+     * @ORM\Column(type="string", length=50)
+     */
+    protected $email;
+
+    // notification token for android / ios notification sending
+    /**
+     * @ORM\Column(type="text", nullable=true)
+     */
+    protected $notif_token;
+
+    public function setUsername($username)
+    {
+        $this->username = $username;
+        return $this;
+    }
+
+    public function getUsername()
+    {
+        return $this->username;
+    }
+
+    public function setPassword($password)
+    {
+        $this->password = $password;
+        return $this;
+    }
+
+    public function getPassword()
+    {
+        return $this->password;
+    }
+
+    public function setName($name)
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+    public function getName()
+    {
+        return $this->name;
+    }
+
+    public function setContactNumber($num)
+    {
+        $this->contact_number = $num;
+        return $this;
+    }
+
+    public function getContactNumber()
+    {
+        return $this->contact_number;
+    }
+
+    public function setEmail($email)
+    {
+        $this->email = $email;
+        return $this;
+    }
+
+    public function getEmail()
+    {
+        return $this->email;
+    }
+
+    public function setNotificationToken($token)
+    {
+        $this->notif_token = $token;
+        return $this;
+    }
+
+    public function getNotificationToken()
+    {
+        return $this->notif_token;
+    }
+}