diff --git a/back/methods/vn-token/killSession.js b/back/methods/vn-token/killSession.js
new file mode 100644
index 000000000..23d02bfc2
--- /dev/null
+++ b/back/methods/vn-token/killSession.js
@@ -0,0 +1,29 @@
+module.exports = Self => {
+    Self.remoteMethodCtx('killSession', {
+        description: 'Kill session',
+        accepts: [{
+            arg: 'userId',
+            type: 'integer',
+            description: 'The user id',
+            required: true,
+        }, {
+            arg: 'created',
+            type: 'date',
+            description: 'The created time',
+            required: true,
+        }],
+        accessType: 'WRITE',
+        http: {
+            path: `/killSession`,
+            verb: 'POST'
+        }
+    });
+
+    Self.killSession = async function(ctx, userId, created) {
+        await Self.app.models.VnUser.userSecurity(ctx, ctx.req.accessToken.userId);
+        const tokens = await Self.app.models.AccessToken.find({where: {userId, created}});
+        if (!tokens?.length) return;
+        for (const token of tokens)
+            await Self.app.models.AccessToken.deleteById(token.id);
+    };
+};
diff --git a/back/model-config.json b/back/model-config.json
index cb9ee4fdb..07ce5fe88 100644
--- a/back/model-config.json
+++ b/back/model-config.json
@@ -175,6 +175,9 @@
     "ViaexpressConfig": {
         "dataSource": "vn"
     },
+    "VnToken": {
+        "dataSource": "vn"
+    },
     "VnUser": {
         "dataSource": "vn"
     },
diff --git a/back/models/vn-token.js b/back/models/vn-token.js
new file mode 100644
index 000000000..03d45dae2
--- /dev/null
+++ b/back/models/vn-token.js
@@ -0,0 +1,5 @@
+const vnModel = require('vn-loopback/common/models/vn-model');
+module.exports = function(Self) {
+    vnModel(Self);
+    require('../methods/vn-token/killSession')(Self);
+};
diff --git a/back/models/vn-token.json b/back/models/vn-token.json
new file mode 100644
index 000000000..fab8965d6
--- /dev/null
+++ b/back/models/vn-token.json
@@ -0,0 +1,22 @@
+{
+    "name": "VnToken",
+    "base": "AccessToken",
+    "options": {
+        "mysql": {
+            "table": "salix.AccessToken"
+        }
+    },
+    "properties": {
+        "created": {
+            "type": "date"
+        }
+    },
+    "relations": {
+        "user": {
+            "type": "belongsTo",
+            "model": "VnUser",
+            "foreignKey": "userId"
+        }
+    },
+    "hidden": ["id"]
+}
diff --git a/db/versions/11112-blackRose/00-firstScript.sql b/db/versions/11112-blackRose/00-firstScript.sql
new file mode 100644
index 000000000..c26149240
--- /dev/null
+++ b/db/versions/11112-blackRose/00-firstScript.sql
@@ -0,0 +1,13 @@
+UPDATE `salix`.`ACL`
+	SET accessType='READ'
+	WHERE model = 'ACL';
+
+UPDATE `salix`.`ACL`
+	SET principalId='developerBoss'
+	WHERE model = 'AccessToken';
+
+INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
+	VALUES
+		('VnToken', '*', 'READ', 'ALLOW', 'ROLE', 'developer'),
+		('VnToken', 'killSession', '*', 'ALLOW', 'ROLE', 'developer'),
+		('ACL', '*', 'WRITE', 'ALLOW', 'ROLE', 'developerBoss');