diff --git a/pkg/security/jwt.go b/pkg/security/jwt.go
index b19a41a..9fcc17e 100644
--- a/pkg/security/jwt.go
+++ b/pkg/security/jwt.go
@@ -11,8 +11,8 @@ import (
 type PayloadClaims struct {
 jwt.RegisteredClaims
- Type string `json:"typ"`
- Value any `json:"val"`
+ SessionID string `json:"sed"`
+ Type string `json:"typ"`
 }
 const (
@@ -20,7 +20,7 @@ const (
 JwtRefreshType = "refresh"
 )
-func EncodeJwt(id string, val any, typ, sub string, aud []string, exp time.Time) (string, error) {
+func EncodeJwt(id string, typ, sub, sed string, aud []string, exp time.Time) (string, error) {
 tk := jwt.NewWithClaims(jwt.SigningMethodHS512, PayloadClaims{
 jwt.RegisteredClaims{
 Subject: sub,
@@ -31,8 +31,8 @@ func EncodeJwt(id string, val any, typ, sub string, aud []string, exp time.Time)
 IssuedAt: jwt.NewNumericDate(time.Now()),
 ID: id,
 },
+ sed,
 typ,
- val,
 })
 return tk.SignedString([]byte(viper.GetString("secret")))
diff --git a/pkg/security/sessions.go b/pkg/security/sessions.go
index bacb500..5e350d1 100644
--- a/pkg/security/sessions.go
+++ b/pkg/security/sessions.go
@@ -86,12 +86,13 @@ func GetToken(session models.AuthSession) (string, string, error) {
 var err error
- sub := strconv.Itoa(int(session.ID))
- access, err = EncodeJwt(session.AccessToken, nil, JwtAccessType, sub, session.Audiences, time.Now().Add(30*time.Minute))
+ sub := strconv.Itoa(int(session.AccountID))
+ sed := strconv.Itoa(int(session.ID))
+ access, err = EncodeJwt(session.AccessToken, JwtAccessType, sub, sed, session.Audiences, time.Now().Add(30*time.Minute))
 if err != nil {
 return refresh, access, err
 }
- refresh, err = EncodeJwt(session.RefreshToken, nil, JwtRefreshType, sub, session.Audiences, time.Now().Add(30*24*time.Hour))
+ refresh, err = EncodeJwt(session.RefreshToken, JwtRefreshType, sub, sed, session.Audiences, time.Now().Add(30*24*time.Hour))
 if err != nil {
 return refresh, access, err
 }
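Review bot: The new `SessionID` field in `PayloadClaims` is serialized under the claim name `sed`, which is undocumented and differs from `sid`, the name OpenID Connect logout specifications use for a session identifier. If no consumer depends on `sed` yet, `json:"sid"` is easier to change now than after tokens carrying the claim are in circulation. A field comment would also help, for example `// SessionID is the AuthSession ID this token was minted for; Subject carries the account ID.`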
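Review bot: The new `EncodeJwt` signature takes `typ, sub, sed string` as three adjacent positional strings, so a call site that swaps `sub` and `sed` still compiles and would mint a token whose subject is a session ID. A doc comment would pin the mapping, for example `// EncodeJwt signs an HS512 token; id is the JWT ID, typ the token type, sub the account ID (Subject), sed the session ID.` The function body continues past this hunk.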
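Review bot: The `PayloadClaims` literal is unkeyed and `SessionID` and `Type` are both strings, so the `sed, typ` order is correct only because it mirrors the field order the struct was just given. A later reorder of the struct would swap the two claims with no compile error, putting the token type where the session ID is expected. Keyed fields remove that dependency: `RegisteredClaims: jwt.RegisteredClaims{`, `SessionID: sed,`, `Type: typ,`. The literal opens above this hunk, and Go requires every field to be keyed once any of them is.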
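Review bot: `sub` changes meaning in `GetToken` from the session ID to the account ID, but tokens signed before this commit stay valid under the same secret (refresh tokens for up to 30 days) and carry a session ID in `sub` with no `sed` claim. If the verifying code, which is not part of this diff, reads `sub` as an account ID, such a token could resolve to an unrelated account whose ID equals the old session ID. The decoder should reject any token whose `SessionID` is empty, or existing sessions should be invalidated as part of the rollout. This applies to both `EncodeJwt` calls in the hunk; `GetToken` starts and ends outside it.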