diff --git a/internal/interface/main-handler/authentication/handler.go b/internal/interface/main-handler/authentication/handler.go
index f412e482..f0625af7 100644
--- a/internal/interface/main-handler/authentication/handler.go
+++ b/internal/interface/main-handler/authentication/handler.go
@@ -75,13 +75,14 @@ func GuardMW(next http.Handler) http.Handler {
 		credential.SecretKey = r.Header.Get("X-Sync-SecretKey")
 		credential.UserName = r.Header.Get("X-Sync-UserName")
 		if credential.Source != "" || credential.SecretKey != "" || credential.UserName != "" {
-			ctx := context.WithValue(r.Context(), esga.SyncKey{}, credential)
+			// TODO: ngecall fungsi untuk dapat dari DB menlengkapi authinfo
+			accessDetail, err := s.GetAuthInfoByUserName(credential.UserName)
+			if err != nil {
+				rw.WriteJSON(w, http.StatusUnauthorized, err.(d.FieldError), nil)
+				return
+			}
+			ctx := context.WithValue(r.Context(), pa.AuthKey{}, accessDetail)
 			next.ServeHTTP(w, r.WithContext(ctx))
-			// TO DO:
-			// 1 Get user info manually (not by using token), based on credential.UserName
-			// 2 To cover the point 1, Adjust /use-case/main-use-case/authentication to have the function
-			// 3 Any DTO that is used in the sync, add flag Sync (tru/false), set it true if it is from sync
-
 			return
 		}
 
diff --git a/internal/lib/auth/tycovar.go b/internal/lib/auth/tycovar.go
index 117d0c73..0ce3b0fc 100644
--- a/internal/lib/auth/tycovar.go
+++ b/internal/lib/auth/tycovar.go
@@ -22,6 +22,7 @@ type AuthInfo struct {
 	Pharmachist_Code           *string
 	Intern_Position_Code       *string
 	Roles                      []string
+	Sync                       bool
 	// User_DivisionPositions     []DivisionPosition
 }
 
diff --git a/internal/use-case/main-use-case/authentication/case.go b/internal/use-case/main-use-case/authentication/case.go
index db83d315..2f47c43d 100644
--- a/internal/use-case/main-use-case/authentication/case.go
+++ b/internal/use-case/main-use-case/authentication/case.go
@@ -179,6 +179,12 @@ func VerifyToken(r *http.Request, tokenType TokenType) (data *jwt.Token, errCode
 	return token, "", ""
 }
 
+func GetAuthInfoByUserName(userName string) (data *pa.AuthInfo, err error) {
+	// disini isi var `data`
+	// return error jika terjadi apa2
+	return
+}
+
 func ExtractToken(r *http.Request, tokenType TokenType) (data *pa.AuthInfo, err error) {
 	token, errCode, errDetail := VerifyToken(r, tokenType)
 	if errCode != "" {