diff --git a/src/MetaTech/Silex/Ws/Authentication.php b/src/MetaTech/Silex/Ws/Authentication.php
index 5abfd3d..4748796 100644
--- a/src/MetaTech/Silex/Ws/Authentication.php
+++ b/src/MetaTech/Silex/Ws/Authentication.php
@@ -99,8 +99,8 @@ class Authentication
         $msg           = 'authentication require';
         $token         = $this->authenticator->getToken();
         $login         = $request->get('login');
-        $responseToken = $this->authenticator->generateResponseHeader($token, $login);
-        $headers       = $this->getResponseHeaders($responseToken);
+        $responseToken = $this->authenticator->generateResponseHeader($token);
+        $headers       = $this->getResponseHeaders([], $responseToken);
         if ($this->authenticator->isValid($token)) {
             $password = $request->get('password');
             if ($this->authenticator->check($token, $login)) {
@@ -150,7 +150,6 @@ class Authentication
         $user->key   = $token->getIdent();
         $user->login = $login;
         $this->session->set('user', $user);
-        $this->session->set('pwsauth.response', $this->authenticator->generateResponseHeader($token, $login));
         $this->session->save();
         return $sid;
     }
@@ -168,8 +167,9 @@ class Authentication
             $msg     = "authentication require";
             $headers = [];
             try {
-                $token = $this->authenticator->getToken();
-                
+                $token         = $this->authenticator->getToken();
+                $tokenResponse = $this->authenticator->generateResponseHeader($token);
+                $headers       = $this->getResponseHeaders($headers, $tokenResponse);
                 if ($this->authenticator->isValid($token)) {
                     if (!empty($sid = $this->authenticator->getSessionId($token))) {
                         $this->sessionInvalidate();
@@ -178,7 +178,6 @@ class Authentication
                         $user = $this->session->get('user');
                         // done : lets controller takes hand
                         if (!is_null($user) && $user->key == $token->getIdent()) {
-                            $tokenResponse = $this->authenticator->generateResponseHeader($token, $user->login);
                             $this->session->set('pwsauth.response', $tokenResponse);
                             return;
                         }
diff --git a/src/MetaTech/Silex/Ws/Controller.php b/src/MetaTech/Silex/Ws/Controller.php
index 1b8ab96..f14c9b2 100644
--- a/src/MetaTech/Silex/Ws/Controller.php
+++ b/src/MetaTech/Silex/Ws/Controller.php
@@ -49,13 +49,13 @@ class Controller extends Base
      * @param       []      $data
      * @return      Symfony\Component\HttpFoundation\JsonResponse
      */
-    public function response($done = false, $msg = "fail", $data = null)
+    public function response($done = false, $msg = "fail", $data = null, $tokenResponse = null)
     {
         if (is_null($data)) {
             unset($data);
         }
         $headers  = [];
-        if (!empty($tokenResponse = $this->session->get('pwsauth.response'))) {
+        if (!empty($tokenResponse) || !empty($tokenResponse = $this->session->get('pwsauth.response'))) {
             $headers['Pws-Response'] = $tokenResponse;
         }
         $response = new JsonResponse(compact('done', 'msg', 'data'), 200, $headers);
@@ -107,11 +107,12 @@ class Controller extends Base
      */
     public function logout()
     {
+        $tokenResponse = $this->session->isStarted() ? $this->session->get('pwsauth.response') : null;
         $this->handler->sessionInvalidate();
         $sessid = $this->session->getId();
         $done   = true;
         $msg    = 'session logout';
-        return $this->response($done, $msg);
+        return $this->response($done, $msg, null, $tokenResponse);
     }
 
     /*!