diff --git a/authorizer/src/asapo_authorizer/cli/command_test.go b/authorizer/src/asapo_authorizer/cli/command_test.go
index b62788adea6f9f9ce0a3334ec8b2ea7ac3e4856e..e21893139209e7d79677f2d3074fbb49c2d55f54 100644
--- a/authorizer/src/asapo_authorizer/cli/command_test.go
+++ b/authorizer/src/asapo_authorizer/cli/command_test.go
@@ -14,7 +14,7 @@ var CommandTests = []struct {
 	ok bool
 	msg string
 }{
-	{command{"create-token", []string{"-type", "create-user-token", "-beamtime","123","-access-type","read","-duration-days","1"}}, true,"ok"},
+	{command{"create-token", []string{"-type", "user-token", "-beamtime","123","-access-type","read","-duration-days","1"}}, true,"ok"},
 	{command{"dummy", []string{"description"}}, false,"wrong command"},
 }
 
diff --git a/authorizer/src/asapo_authorizer/cli/create_token.go b/authorizer/src/asapo_authorizer/cli/create_token.go
index 6481f22f2b012cff02b183fbcbf7a3873cfa356d..c4f8b02359efbef7de522d0c16d8b51b8ffd9b8a 100644
--- a/authorizer/src/asapo_authorizer/cli/create_token.go
+++ b/authorizer/src/asapo_authorizer/cli/create_token.go
@@ -4,9 +4,8 @@ import (
 	"asapo_authorizer/authorization"
 	"asapo_authorizer/server"
 	"errors"
-	"os"
 	"fmt"
-	"asapo_common/utils"
+	"os"
 )
 
 type tokenFlags struct {
@@ -17,25 +16,6 @@ type tokenFlags struct {
 	DaysValid  int
 }
 
-func generateToken(id string,secret string) string {
-	hmac := utils.NewHMACAuth(secret)
-	token,err := hmac.GenerateToken(&id)
-
-	if (err!=nil) {
-		fmt.Println(err.Error())
-	}
-	return token
-}
-
-func isUserRequest(reqType string) bool {
- return reqType == "user-token"
-}
-
-func isAdminRequest(reqType string) bool {
-	return reqType == "admin-token"
-}
-
-
 func userTokenRequest(flags tokenFlags) (request authorization.TokenRequest, err error) {
 	if (flags.Beamline=="" && flags.Beamtime=="") || (flags.Beamline!="" && flags.Beamtime!="") {
 		return request,errors.New("beamtime or beamline must be set")
@@ -76,7 +56,6 @@ func adminTokenRequest(flags tokenFlags) (request authorization.TokenRequest, er
 	return
 }
 
-// GenerateToken generates token for consumers
 func (cmd *command) CommandCreate_token() (err error) {
 	message_string := "Generate token"
 	if cmd.description(message_string) {
diff --git a/authorizer/src/asapo_authorizer/cli/create_token_test.go b/authorizer/src/asapo_authorizer/cli/create_token_test.go
index 68396195a23710daad4e1a8c8ed974b4eec8840d..e39701147763cdf4ed2ae6a553cfb81f5dd31258 100644
--- a/authorizer/src/asapo_authorizer/cli/create_token_test.go
+++ b/authorizer/src/asapo_authorizer/cli/create_token_test.go
@@ -5,7 +5,6 @@ import (
 	"asapo_authorizer/server"
 	"asapo_common/utils"
 	"encoding/json"
-	"fmt"
 	"testing"
 
 	"bytes"
@@ -20,19 +19,29 @@ var tokenTests = []struct {
 	tokenExpires bool
 	msg             string
 }{
-//	{command{args: []string{"-type"}}, false, "", "", "not enough parameters"},
-//	{command{args: []string{"-type", "user-token", "-beamtime","123","-access-type","read","-duration-days","10"}},
-//		true, "read", "bt_123", true,"user token ok"},
+// good
+	{command{args: []string{"-type", "user-token", "-beamtime","123","-access-type","read","-duration-days","10"}},
+		true, "read", "bt_123", true,"user token beamtime ok"},
+	{command{args: []string{"-type", "user-token", "-beamline","123","-access-type","read","-duration-days","10"}},
+		true, "read", "bl_123", true,"user token beamline ok"},
 	{command{args: []string{"-type", "admin-token","-access-type","create"}},
 		true, "create", "admin", false,"admin token ok"},
+// bad
+	{command{args: []string{"-type", "user-token", "-beamtime","123","-access-type","create","-duration-days","10"}},
+		false, "", "", true,"user token wrong type"},
+	{command{args: []string{"-type", "user-token", "-access-type","create","-duration-days","10"}},
+		false, "", "", true,"user token no beamtime or beamline"},
+	{command{args: []string{"-type", "user-token",  "-beamtime","123","-beamline","1234", "-access-type","create","-duration-days","10"}},
+		false, "", "", true,"user token both beamtime and beamline"},
+	{command{args: []string{"-type", "admin-token","-access-type","bla"}},
+		false, "", "", false,"admin token wrong type"},
 }
 
 func TestGenerateToken(t *testing.T) {
-	outBuf = new(bytes.Buffer)
 	server.Auth = authorization.NewAuth(utils.NewHMACAuth("secret"),utils.NewHMACAuth("secret"),utils.NewJWTAuth("secret"))
 	for _, test := range tokenTests {
+		outBuf = new(bytes.Buffer)
 		err := test.cmd.CommandCreate_token()
-		fmt.Println(err)
 		if !test.ok {
 			assert.NotNil(t, err, test.msg)
 			continue
@@ -47,6 +56,5 @@ func TestGenerateToken(t *testing.T) {
 		} else {
 			assert.Empty(t, token.Expires, test.msg)
 		}
-
 	}
 }