diff --git a/src/handlers/subscribe_topic.rs b/src/handlers/subscribe_topic.rs
index 6551d9aa..03bcb478 100644
--- a/src/handlers/subscribe_topic.rs
+++ b/src/handlers/subscribe_topic.rs
@@ -70,16 +70,17 @@ pub async fn handler(
     });
     let signing_public = PublicKey::from(&signing_secret);
     let topic: Topic = sha256::digest(signing_public.as_bytes()).into();
-    let signing_public = hex::encode(signing_public);
-    let signing_secret = hex::encode(signing_secret.to_bytes());
+    let subscribe_public_key = hex::encode(signing_public);
+    let subscribe_private_key = hex::encode(signing_secret.to_bytes());
 
     let identity_secret = ed25519_dalek::SigningKey::generate(&mut rng);
-    let identity_public = hex::encode(ed25519_dalek::VerifyingKey::from(&identity_secret));
-    let identity_secret = hex::encode(identity_secret.to_bytes());
+    let authentication_public_key =
+        hex::encode(ed25519_dalek::VerifyingKey::from(&identity_secret));
+    let authentication_private_key = hex::encode(identity_secret.to_bytes());
 
     info!(
         "Saving project_info to database for project: {project_id} and app_domain {app_domain} \
-         with signing pubkey: {signing_public} and identity pubkey: {identity_public}, topic: \
+         with subscribe_public_key: {subscribe_public_key} and authentication_public_key: {authentication_public_key}, topic: \
          {topic}"
     );
 
@@ -87,10 +88,10 @@ pub async fn handler(
         project_id,
         &app_domain,
         topic.clone(),
-        identity_public,
-        identity_secret,
-        signing_public,
-        signing_secret,
+        authentication_public_key,
+        authentication_private_key,
+        subscribe_public_key,
+        subscribe_private_key,
         &state.postgres,
     )
     .await?;
diff --git a/src/model/helpers.rs b/src/model/helpers.rs
index 2d05dc73..fd72f172 100644
--- a/src/model/helpers.rs
+++ b/src/model/helpers.rs
@@ -22,10 +22,10 @@ pub async fn upsert_project(
     project_id: ProjectId,
     app_domain: &str,
     topic: Topic,
-    identity_public: String,
-    identity_secret: String,
-    signing_public: String,
-    signing_secret: String,
+    authentication_public_key: String,
+    authentication_private_key: String,
+    subscribe_public_key: String,
+    subscribe_private_key: String,
     postgres: &PgPool,
 ) -> Result<ProjectWithPublicKeys, sqlx::error::Error> {
     let query = "
@@ -48,10 +48,10 @@ pub async fn upsert_project(
         .bind(project_id.as_ref())
         .bind(app_domain)
         .bind(topic.as_ref())
-        .bind(identity_public)
-        .bind(identity_secret)
-        .bind(signing_public)
-        .bind(signing_secret)
+        .bind(authentication_public_key)
+        .bind(authentication_private_key)
+        .bind(subscribe_public_key)
+        .bind(subscribe_private_key)
         .fetch_one(postgres)
         .await
 }
diff --git a/src/websocket_service/handlers/notify_watch_subscriptions.rs b/src/websocket_service/handlers/notify_watch_subscriptions.rs
index c4913b01..7150f91e 100644
--- a/src/websocket_service/handlers/notify_watch_subscriptions.rs
+++ b/src/websocket_service/handlers/notify_watch_subscriptions.rs
@@ -10,7 +10,7 @@ use {
             helpers::{
                 get_project_by_app_domain, get_subscription_watchers_for_account_by_app_or_all_app,
                 get_subscriptions_by_account, get_subscriptions_by_account_and_app,
-                upsert_subscription_watcher,
+                upsert_subscription_watcher, SubscriberWithProject,
             },
             types::AccountId,
         },
@@ -180,17 +180,32 @@ pub async fn collect_subscriptions(
         get_subscriptions_by_account(account, postgres).await?
     };
 
-    let subscriptions = subscriptions
-        .into_iter()
-        .map(|sub| NotifyServerSubscription {
-            app_domain: sub.app_domain,
-            app_authentication_key: sub.authentication_public_key,
-            sym_key: sub.sym_key,
-            account: sub.account,
-            scope: sub.scope.into_iter().collect(),
-            expiry: sub.expiry.timestamp() as u64,
-        })
-        .collect::<Vec<_>>();
+    let subscriptions = {
+        let try_subscriptions = subscriptions
+            .into_iter()
+            .map(|sub| {
+                fn wrap(sub: SubscriberWithProject) -> Result<NotifyServerSubscription> {
+                    Ok(NotifyServerSubscription {
+                        app_domain: sub.app_domain,
+                        app_authentication_key: format!(
+                            "did:key:{}",
+                            DecodedClientId(decode_key(&sub.authentication_public_key)?)
+                        ),
+                        sym_key: sub.sym_key,
+                        account: sub.account,
+                        scope: sub.scope.into_iter().collect(),
+                        expiry: sub.expiry.timestamp() as u64,
+                    })
+                }
+                wrap(sub)
+            })
+            .collect::<Vec<_>>();
+        let mut subscriptions = Vec::with_capacity(try_subscriptions.len());
+        for result in try_subscriptions {
+            subscriptions.push(result?);
+        }
+        subscriptions
+    };
 
     Ok(subscriptions)
 }
diff --git a/tests/integration.rs b/tests/integration.rs
index f9634cd1..6f5ea958 100644
--- a/tests/integration.rs
+++ b/tests/integration.rs
@@ -625,6 +625,13 @@ async fn run_test(statement: String, watch_subscriptions_all_domains: bool) {
         );
         assert_eq!(sub.account, account);
         assert_eq!(sub.app_domain, app_domain);
+        assert_eq!(&sub.app_authentication_key, &dapp_did_key);
+        assert_eq!(
+            DecodedClientId::try_from_did_key(&sub.app_authentication_key)
+                .unwrap()
+                .0,
+            decode_key(dapp_identity_pubkey).unwrap()
+        );
         assert_eq!(
             sub.scope,
             HashSet::from(["test".to_owned(), "test1".to_owned()]),