diff --git a/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj b/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj
index 0842122..13c8bb4 100644
--- a/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj
+++ b/src/DigitalData.Auth.API/DigitalData.Auth.API.csproj
@@ -12,6 +12,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="8.0.12" />
     <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="8.3.0" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.4.0" />
+    <PackageReference Include="UserManager.Domain" Version="2.0.0" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/src/DigitalData.Auth.API/Program.cs b/src/DigitalData.Auth.API/Program.cs
index 787386e..45c873c 100644
--- a/src/DigitalData.Auth.API/Program.cs
+++ b/src/DigitalData.Auth.API/Program.cs
@@ -2,6 +2,7 @@ using DigitalData.Auth.API.Config;
 using DigitalData.Auth.API.Dto;
 using DigitalData.Auth.API.Services;
 using DigitalData.Core.Security;
+using DigitalData.UserManager.Domain.Entities;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.IdentityModel.JsonWebTokens;
 using Microsoft.IdentityModel.Tokens;
@@ -24,6 +25,15 @@ builder.Services.AddJwtSignatureHandler<ConsumerApi>(api => new Dictionary<strin
     { JwtRegisteredClaimNames.Sub, api.Name },
     { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
 });
+builder.Services.AddJwtSignatureHandler<User>(user => new Dictionary<string, object>
+{
+    { JwtRegisteredClaimNames.Sub, user.Id },
+    { JwtRegisteredClaimNames.UniqueName, user.Id },
+    { JwtRegisteredClaimNames.Email, user.Email ?? string.Empty },
+    { JwtRegisteredClaimNames.GivenName, user.Prename ?? string.Empty },
+    { JwtRegisteredClaimNames.FamilyName, user.Name ?? string.Empty },
+    { JwtRegisteredClaimNames.Iat, DateTimeOffset.UtcNow.ToUnixTimeSeconds() }
+});
 
 builder.Services.AddControllers();