diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index aea5eee461..e7224aa4ba 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -278,7 +278,7 @@ App::post('/v1/account/sessions/email')
 ->setAttribute('current', true)
 ->setAttribute('countryName', $countryName)
 ->setAttribute('expire', $expire)
- ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? $secret : '')
+ ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), $secret) : '')
 ;
 
 $queueForEvents
@@ -1242,7 +1242,7 @@ App::put('/v1/account/sessions/token')
 ->setAttribute('current', true)
 ->setAttribute('countryName', $countryName)
 ->setAttribute('expire', $expire)
- ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? $sessionSecret : '')
+ ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), $sessionSecret) : '')
 ;
 
 $response->dynamic($session, Response::MODEL_SESSION);
@@ -1377,7 +1377,7 @@ App::post('/v1/account/tokens/phone')
 );
 
 // Hide secret for clients
-$token->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? $secret : '');
+$token->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), $secret) : '');
 
 $response
 ->setStatusCode(Response::STATUS_CODE_CREATED)
@@ -1520,7 +1520,7 @@ App::post('/v1/account/sessions/anonymous')
 ->setAttribute('current', true)
 ->setAttribute('countryName', $countryName)
 ->setAttribute('expire', $expire)
- ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? $secret : '')
+ ->setAttribute('secret', ($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), $secret) : '')
 ;
 
 $response->dynamic($session, Response::MODEL_SESSION);
diff --git a/tests/e2e/Scopes/ProjectCustom.php b/tests/e2e/Scopes/ProjectCustom.php
index 0f38b4ca71..bc0d6c8df2 100644
--- a/tests/e2e/Scopes/ProjectCustom.php
+++ b/tests/e2e/Scopes/ProjectCustom.php
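Review bot: The gated expression `($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), …) : ''` is now spelled out four times (the hunks at 278, 1242, 1377 and 1520), so the "who may see the secret" rule and the encoding step can drift apart on the next edit; computing it once before each builder chain, `$clientSecret = ($isPrivilegedUser || $isAppUser) ? Auth::encodeSession($user->getId(), $secret) : '';`, or a small shared helper, keeps that decision in one place. From its arguments the encoded value appears to combine the user id with the session secret, and the e2e test in this commit sends it straight back as the `x-appwrite-session` header, so it is a complete bearer credential and should be treated like the session cookie — kept out of logs and out of the event payload. The `$queueForEvents` call that follows the first hunk is outside the shown lines, so I cannot tell whether the session document with this attribute already set is what gets enqueued; worth checking. The enclosing route closures start and end outside these hunks.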
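Review bot: In the `/v1/account/tokens/phone` hunk the token's `secret` is wrapped in `Auth::encodeSession(...)` exactly like the session secrets, but the other three hunks set the attribute on a session document whereas this one sets it on `$token`; if this value is the one-time code that a client later exchanges through `/v1/account/sessions/token`, presenting it session-encoded changes what the field means to privileged callers of the token endpoint. Either confirm that the Token model is meant to carry a session-encoded value and say so at the existing comment — `// Hide secret for clients; privileged callers receive it session-encoded` — or keep the raw token secret on this line. The enclosing route closure starts and ends outside the hunk.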
@@ -83,7 +83,8 @@ trait ProjectCustom
 'health.read',
 'rules.read',
 'rules.write',
- 'sessions'
+ 'sessions',
+ 'account'
 ],
 ]);
diff --git a/tests/e2e/Services/Account/AccountCustomServerTest.php b/tests/e2e/Services/Account/AccountCustomServerTest.php
index 435f8aac1b..0a2fd6ad42 100644
--- a/tests/e2e/Services/Account/AccountCustomServerTest.php
+++ b/tests/e2e/Services/Account/AccountCustomServerTest.php
@@ -133,13 +133,13 @@ class AccountCustomServerTest extends Scope
 $this->assertNotEmpty($response['body']['secret']);
 $sessionId = $response['body']['$id'];
- $session = $response['cookies']['a_session_' . $this->getProject()['$id']];
+ $session = $response['body']['secret'];
 $response = $this->client->call(Client::METHOD_GET, '/account', array_merge(
 [
 'content-type' => 'application/json',
 'x-appwrite-project' => $this->getProject()['$id'],
- 'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $session,
+ 'x-appwrite-session' => $session
 ],
 $this->getHeaders()
 ));
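Review bot: The new last element `'account'` is again written without a trailing comma, which is what forced the `- 'sessions'` / `+ 'sessions',` churn in this same hunk; ending it as `'account',` keeps the next scope addition to a single added line, as the multi-line array convention in PER-CS expects. The enclosing array literal starts outside the hunk.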