diff --git a/packages/flowerbase/src/auth/plugins/jwt.test.ts b/packages/flowerbase/src/auth/plugins/jwt.test.ts
index 0dc84b5..66d4117 100644
--- a/packages/flowerbase/src/auth/plugins/jwt.test.ts
+++ b/packages/flowerbase/src/auth/plugins/jwt.test.ts
@@ -140,7 +140,7 @@ describe('jwtAuthentication', () => {
     expect(decoded.id).toBe(authId.toHexString())
     expect(decoded.sub).toBe(authId.toHexString())
     expect(decoded.data._id).toBe(authId.toHexString())
-    expect(decoded.user_data._id).toBe(authId.toHexString())
+    expect(decoded.user_data._id).toBe(linkedId.toHexString())
     expect(decoded.custom_data._id).toBe(linkedId.toHexString())
     expect(decoded.custom_data.role).toBe('owner')
   })
diff --git a/packages/flowerbase/src/auth/plugins/jwt.ts b/packages/flowerbase/src/auth/plugins/jwt.ts
index 29388c3..73ef404 100644
--- a/packages/flowerbase/src/auth/plugins/jwt.ts
+++ b/packages/flowerbase/src/auth/plugins/jwt.ts
@@ -101,24 +101,21 @@ export default fp(async function (fastify, opts: Options) {
 
   fastify.decorate('createAccessToken', function (user: WithId<Document>) {
     const id = user._id.toString()
-    const userData = isRecord(user.user_data) ? { ...user.user_data } : {}
     const customData = isRecord(user.custom_data)
       ? { ...user.custom_data }
-      : { ...userData }
-    const mergedUserData = {
-      ...customData,
-      ...userData,
+      : (isRecord(user.user_data) ? { ...user.user_data } : {})
+    const authData = {
       _id: id,
       id,
-      email: typeof user.email === 'string' ? user.email : userData.email
+      email: typeof user.email === 'string' ? user.email : customData.email
     }
 
     return this.jwt.sign(
       {
         typ: 'access',
         id,
-        data: mergedUserData,
-        user_data: mergedUserData,
+        data: authData,
+        user_data: customData,
         custom_data: customData
       },
       {