diff --git a/webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTRefreshEndpoint.java b/webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTRefreshEndpoint.java
index 537bf1253..9ea88894a 100644
--- a/webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTRefreshEndpoint.java
+++ b/webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/jwt/JWTRefreshEndpoint.java
@@ -58,7 +58,7 @@ public class JWTRefreshEndpoint extends AssignmentEndpoint {
 String user = (String) json.get("user");
 String password = (String) json.get("password");
- if ("Jerry".equals(user) && PASSWORD.equals(password)) {
+ if ("Jerry".equalsIgnoreCase(user) && PASSWORD.equals(password)) {
 return ok(createNewTokens(user));
 }
 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
diff --git a/webgoat-lessons/jwt/src/main/resources/html/JWT.html b/webgoat-lessons/jwt/src/main/resources/html/JWT.html
index 71775a15b..9c1a6889f 100644
--- a/webgoat-lessons/jwt/src/main/resources/html/JWT.html
+++ b/webgoat-lessons/jwt/src/main/resources/html/JWT.html
@@ -122,6 +122,7 @@ $(document).ready( +
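Review bot: In the JWTRefreshEndpoint.java hunk the token is minted from the caller-supplied spelling of the name: with `equalsIgnoreCase` the check now accepts `jerry` or `JERRY`, and `createNewTokens(user)` on the following line receives that string unchanged. If createNewTokens writes the value into a claim (its body is outside the hunk), any later check that compares the claim with an exact `equals("Jerry")` will disagree with this login check. Passing the canonical name, `return ok(createNewTokens("Jerry"));`, or normalising `user` once before the comparison keeps a single identity per account. A one-line comment such as `// user name is matched case-insensitively; the password is not` would record the intent. The enclosing method starts and ends outside the hunk.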