diff --git a/src/clj/auto_ap/graphql.clj b/src/clj/auto_ap/graphql.clj index 4116742c..559e75a0 100644 --- a/src/clj/auto_ap/graphql.clj +++ b/src/clj/auto_ap/graphql.clj @@ -27,6 +27,7 @@ [clj-time.coerce :as coerce] [clj-time.core :as t] [clojure.string :as str] + [config.core :refer [env]] [clojure.tools.logging :as log] [clojure.walk :as walk] [com.brunobonacci.mulog :as mu] @@ -37,7 +38,8 @@ [datomic.api :as dc] [unilog.context :as lc] [yang.time :refer [time-it]] - [auto-ap.routes.auth :as auth]) + [auto-ap.routes.auth :as auth] + [buddy.sign.jwt :as jwt]) (:import (clojure.lang IPersistentMap))) @@ -627,7 +629,9 @@ (let [users (->> (d-users/get-graphql args) (map (fn [u] (assoc u :impersonate_jwt - (auth/user->jwt u "FAKE_TOKEN")))))] + (jwt/sign (auth/user->jwt u "FAKE_TOKEN") + (:jwt-secret env) + {:alg :hs512})))))] (->graphql users))) diff --git a/src/clj/auto_ap/handler.clj b/src/clj/auto_ap/handler.clj index 5d36a059..64b3cd10 100644 --- a/src/clj/auto_ap/handler.clj +++ b/src/clj/auto_ap/handler.clj @@ -217,6 +217,7 @@ seq (pull-many (dc/db conn) d-clients/full-read))] + (lc/with-context {:clients (map :client/code clients)} (handler (assoc request :clients clients @@ -233,7 +234,9 @@ (do (assert-can-see-client identity (cond-> client-id (string? client-id) (Long/parseLong))) - [client-id]) + [(if (string? client-id) + (Long/parseLong client-id) + client-id)]) x-clients) (catch Exception e (alog/warn ::cant-access :error e diff --git a/src/clj/auto_ap/routes/auth.clj b/src/clj/auto_ap/routes/auth.clj index 7deb0cb2..b21263fa 100644 --- a/src/clj/auto_ap/routes/auth.clj +++ b/src/clj/auto_ap/routes/auth.clj @@ -62,9 +62,7 @@ (select-keys c [:client/code :db/id :client/locations]))))))] (when (and user oauth-token) - (jwt/sign auth - (:jwt-secret env) - {:alg :hs512})))) + auth))) (defn oauth [{{:strs [code state]} :query-params {:strs [host]} :headers :as request}] (try 
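Review bot: The `:impersonate_jwt` built inside `(map (fn [u] ...))` in the graphql.clj `@@ -627` hunk is signed with the same `(:jwt-secret env)` and `:hs512` as a login token, so every row returned by this users query carries a credential that a verifier cannot tell apart from that user's own session. Whether this resolver is limited to admins is not visible in the hunk, and neither is the `:exp` that `user->jwt` sets; both should be confirmed before this ships. I would mark these tokens in the claims before signing, for example `(assoc (auth/user->jwt u "FAKE_TOKEN") :impersonated-by requester-id)` (claim name and `requester-id` are placeholders), so audit logging can attribute actions to the real operator. The enclosing resolver starts outside the hunk.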
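Review bot: In the handler.clj `@@ -233` hunk the client id is parsed twice, once inside `assert-can-see-client` and again in the new `if`, so the value that is authorised and the value that is returned are two separate expressions that can drift apart in a later edit. Binding it once keeps the check and the result tied to the same value: `(let [cid (cond-> client-id (string? client-id) (Long/parseLong))] (assert-can-see-client identity cid) [cid])`. A non-numeric string still throws from `Long/parseLong`; the visible `(catch Exception e ...)` appears to cover that, but the `try` opens outside the hunk.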
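Review bot: After the routes/auth.clj `@@ -62` hunk, `user->jwt` returns the unsigned claims map (`auth`) rather than a signed token, but it keeps a name that says JWT. Any caller not touched by this commit would now emit a plain map where a token is expected, and a reader cannot tell from the name that signing is the caller's job. I would add a docstring such as `"Builds the claims map for user; returns nil without a user or oauth-token. Callers must sign the result."` and consider renaming it to something like `user->claims`. The `jwt/sign … (:jwt-secret env) {:alg :hs512}` call is now repeated in graphql.clj and in `oauth`; a single signing helper in this namespace would keep the secret and algorithm in one place. The function body starts outside the hunk.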
@@ -93,8 +91,11 @@ (if-let [jwt (user->jwt user token)] {:status 301 - :headers {"Location" (str (or (not-empty state) "/") "?jwt=" jwt)} - :session {:identity (dissoc auth :exp)}} + :headers {"Location" (str (or (not-empty state) "/") "?jwt=" + (jwt/sign jwt + (:jwt-secret env) + {:alg :hs512}))} + :session {:identity (dissoc jwt :exp)}} {:status 401 :body "Couldn't authenticate"})) (catch Exception e diff --git a/src/clj/auto_ap/routes/graphql.clj b/src/clj/auto_ap/routes/graphql.clj index 048d36df..441fe6d7 100644 --- a/src/clj/auto_ap/routes/graphql.clj +++ b/src/clj/auto_ap/routes/graphql.clj @@ -23,6 +23,7 @@ (let [variables (some-> (query-params "variables") edn/read-string) body (some-> r :body slurp)] + (println "CLIENTS" clients) {:status 200 :body (pr-str (ql/query (:identity r) (if (= request-method :get) (query-params "query") body) (assoc variables
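Review bot: The `"Location"` header in the routes/auth.clj `@@ -93` hunk appends the freshly signed token to whatever `state` holds, and `state` is destructured straight from `:query-params` in `oauth`. Unless it is validated in the part of `oauth` outside this hunk, the 301 can deliver a valid session JWT to a host chosen by whoever crafted the login link. I would restrict the target to a same-origin path before building the header, e.g. `(if (and (string? state) (clojure.string/starts-with? state "/") (not (clojure.string/starts-with? state "//"))) state "/")`. Separately, the local `jwt` in `if-let` now holds the claims map while `jwt/sign` refers to the namespace alias. This resolves correctly but reads ambiguously, and naming the local `claims` would make `(dissoc claims :exp)` clearer.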