diff --git a/api/chalicelib/core/signup.py b/api/chalicelib/core/signup.py
index 651b80f5f..2c8c850ef 100644
--- a/api/chalicelib/core/signup.py
+++ b/api/chalicelib/core/signup.py
@@ -80,11 +80,14 @@ async def create_tenant(data: schemas.UserSignupSchema):
     r["smtp"] = smtp.has_smtp()
 
     return {
-        'jwt': r.pop('jwt'),
-        'refreshToken': r.pop('refreshToken'),
-        'refreshTokenMaxAge': r.pop('refreshTokenMaxAge'),
+        "jwt": r.pop("jwt"),
+        "refreshToken": r.pop("refreshToken"),
+        "refreshTokenMaxAge": r.pop("refreshTokenMaxAge"),
+        "spotJwt": r.pop("spotJwt"),
+        "spotRefreshToken": r.pop("spotRefreshToken"),
+        "spotRefreshTokenMaxAge": r.pop("spotRefreshTokenMaxAge"),
         'data': {
-            "scope": "full",
+            "scopeState": 0,
             "user": r
         }
     }
diff --git a/api/routers/core_dynamic.py b/api/routers/core_dynamic.py
index a229d8a72..48c2eb7a0 100644
--- a/api/routers/core_dynamic.py
+++ b/api/routers/core_dynamic.py
@@ -44,10 +44,7 @@ if not tenants.tenants_exists_sync(use_pool=False):
         content = await signup.create_tenant(data)
         if "errors" in content:
             return content
-        refresh_token = content.pop("refreshToken")
-        refresh_token_max_age = content.pop("refreshTokenMaxAge")
-        response.set_cookie(key="refreshToken", value=refresh_token, path=COOKIE_PATH,
-                            max_age=refresh_token_max_age, secure=True, httponly=True)
+        content = __process_authentication_response(response=response, data=content)
         return content
 
 
diff --git a/ee/api/chalicelib/core/signup.py b/ee/api/chalicelib/core/signup.py
index fcc79d190..f90e5f444 100644
--- a/ee/api/chalicelib/core/signup.py
+++ b/ee/api/chalicelib/core/signup.py
@@ -90,9 +90,12 @@ async def create_tenant(data: schemas.UserSignupSchema):
     r["smtp"] = smtp.has_smtp()
 
     return {
-        'jwt': r.pop('jwt'),
-        'refreshToken': r.pop('refreshToken'),
-        'refreshTokenMaxAge': r.pop('refreshTokenMaxAge'),
+        "jwt": r.pop("jwt"),
+        "refreshToken": r.pop("refreshToken"),
+        "refreshTokenMaxAge": r.pop("refreshTokenMaxAge"),
+        "spotJwt": r.pop("spotJwt"),
+        "spotRefreshToken": r.pop("spotRefreshToken"),
+        "spotRefreshTokenMaxAge": r.pop("spotRefreshTokenMaxAge"),
         'data': {
             "scope": "full",
             "user": r
diff --git a/ee/api/routers/core_dynamic.py b/ee/api/routers/core_dynamic.py
index 0993a9774..13b0bbe8c 100644
--- a/ee/api/routers/core_dynamic.py
+++ b/ee/api/routers/core_dynamic.py
@@ -48,10 +48,7 @@ if config("MULTI_TENANTS", cast=bool, default=False) or not tenants.tenants_exis
         content = await signup.create_tenant(data)
         if "errors" in content:
             return content
-        refresh_token = content.pop("refreshToken")
-        refresh_token_max_age = content.pop("refreshTokenMaxAge")
-        response.set_cookie(key="refreshToken", value=refresh_token, path=COOKIE_PATH,
-                            max_age=refresh_token_max_age, secure=True, httponly=True)
+        content = __process_authentication_response(response=response, data=content)
         return content