diff --git a/bun.lockb b/bun.lockb
index 811b23d..b788f6b 100755
Binary files a/bun.lockb and b/bun.lockb differ
diff --git a/package.json b/package.json
index 9f334fa..5ea3c7b 100644
--- a/package.json
+++ b/package.json
@@ -25,6 +25,7 @@
 "@tanstack/vue-query": "^5.28.9",
 "@xmldom/xmldom": "^0.8.10",
 "chart.js": "3.3.2",
+ "crypto-js": "^4.2.0",
 "drizzle-orm": "^0.30.7",
 "h3": "^1.11.1",
 "jose": "^5.2.4",
@@ -39,6 +40,7 @@
 },
 "devDependencies": {
 "@babel/eslint-parser": "^7.18.9",
+ "@types/crypto-js": "^4.2.2",
 "@types/lodash": "^4.17.0",
 "@types/pg": "^8.11.4",
 "@types/uuid": "^9.0.8",
diff --git a/server/api/artifacts/upload-artifact-url.post.ts b/server/api/artifacts/upload-artifact-url.post.ts
index 4d05985..587a311 100644
--- a/server/api/artifacts/upload-artifact-url.post.ts
+++ b/server/api/artifacts/upload-artifact-url.post.ts
@@ -4,14 +4,15 @@ import { getStorageKeys, s3BucketName } from "~/server/utils/utils" import { takeUniqueOrThrow } from "../detail-app.get" import { CopyObjectCommand, DeleteObjectCommand, GetObjectCommand } from "@aws-sdk/client-s3" import { S3AppClient } from "~/server/services/S3AppClient" -import { verifyToken } from "~/server/utils/token-utils" +import { decryptText, verifyToken } from "~/server/utils/token-utils" export default defineEventHandler(async (event) => { const { token, appName, orgName, releaseNotes, packageMetadata, } = await readBody(event) - const fileKey = (await verifyToken(event, token)).fileKey as string + const fileKey = (decryptText(event, token)).fileKey as string const userId = event.context.auth.userId const db = event.context.drizzle + const userOrg = await db.select({ organizationsId: organizations.id, })
diff --git a/server/api/artifacts/upload-artifact.post.ts b/server/api/artifacts/upload-artifact.post.ts
index 1dfc514..8f7e2c0 100644
--- a/server/api/artifacts/upload-artifact.post.ts
+++ b/server/api/artifacts/upload-artifact.post.ts
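Review bot: In server/api/artifacts/upload-artifact-url.post.ts, `(decryptText(event, token)).fileKey as string` trusts a value taken from the request body without checking it: `decryptText` ends in `JSON.parse`, which throws on anything that does not decrypt to JSON, and the `as string` cast lets a missing or non-string `fileKey` continue towards the S3 commands this file imports. Catch the failure and reject the request explicitly, for example `if (typeof fileKey !== 'string' || fileKey.length === 0) throw createError({ statusCode: 400, statusMessage: 'Invalid upload token' })`. The handler body continues past the end of the hunk, so the later use of `fileKey` is not visible here.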
@@ -6,7 +6,7 @@ import { organizations, organizationsPeople } from "~/server/db/schema"; import { and, eq } from "drizzle-orm"; import { takeUniqueOrThrow } from "../detail-app.get"; import { S3AppClient } from "~/server/services/S3AppClient"; -import { generateToken } from "~/server/utils/token-utils"; +import { encryptText } from "~/server/utils/token-utils"; export default defineEventHandler(async (event) => { const { orgName, appName } = await readBody(event)
@@ -26,7 +26,7 @@ export default defineEventHandler(async (event) => { }).then(takeUniqueOrThrow) const key = generateRandomPassword() - const token = await generateToken(event, { + const token = encryptText(event, { fileKey: key, }) var expires = 500;
diff --git a/server/utils/token-utils.ts b/server/utils/token-utils.ts
index d24d491..86ca8e0 100644
--- a/server/utils/token-utils.ts
+++ b/server/utils/token-utils.ts
@@ -1,5 +1,6 @@ import type { EventHandlerRequest, H3Event } from 'h3' import * as jose from 'jose' +import Crypto from 'crypto-js' const alg = 'HS256'
@@ -22,3 +23,19 @@ export const verifyToken = async (
 return undefined
 }
 }
+
+export const encryptText = (
+ event: H3Event,
+ data: any) => {
+ const config = useRuntimeConfig(event)
+ return Crypto.AES.encrypt(JSON.stringify(data), config.JWT_KEY).toString()
+}
+
+export const decryptText = (
+ event: H3Event,
+ token: string) => {
+ const config = useRuntimeConfig(event)
+ config.JWT_KEY
+ const value = Crypto.AES.decrypt(token, config.JWT_KEY).toString(Crypto.enc.Utf8)
+ return JSON.parse(value)
+}
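Review bot: In server/api/artifacts/upload-artifact.post.ts the payload at `encryptText(event, { fileKey: key, })` carries only the storage key, so nothing in the token records which organisation, app or user requested the upload or when it was issued. Whether the replaced `generateToken` set an expiry is not visible in this diff, but the new helper does not. I would add the identifiers and an issue time to the payload, e.g. `{ fileKey: key, orgName, appName, issuedAt: Date.now() }`, and compare them in upload-artifact-url.post.ts before the key is used. The handler starts and ends outside the hunk.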
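Review bot: `Crypto.AES.encrypt(JSON.stringify(data), config.JWT_KEY)` in `encryptText` gives confidentiality only: with a string key crypto-js uses AES-CBC with a key derived from the passphrase by a single-pass MD5 KDF, and there is no MAC, so `decryptText` cannot tell an altered token from a genuine one, whereas the replaced path presumably verified an HS256 signature. `jose` is already imported in this file and offers authenticated encryption with a built-in expiry (`EncryptJWT` / `jwtDecrypt`), preferably under a dedicated key rather than reusing `JWT_KEY` for a second purpose; both helpers then become async, so the two callers need their `await` back. The bare `config.JWT_KEY` statement in `decryptText` has no effect and should be deleted, and `data: any` plus the unchecked `JSON.parse` result leave the payload untyped. The crypto-js README also states that the library is no longer maintained, which argues against adding it for this.
```typescript
// Constructed sketch: ARTIFACT_TOKEN_KEY is a placeholder for a dedicated base64url-encoded
// 32-byte secret (not an existing config entry); '10m' is an example lifetime.
export const encryptText = async (
  event: H3Event,
  data: jose.JWTPayload) => {
  const key = jose.base64url.decode(useRuntimeConfig(event).ARTIFACT_TOKEN_KEY)
  return new jose.EncryptJWT(data)
    .setProtectedHeader({ alg: 'dir', enc: 'A256GCM' })
    .setIssuedAt()
    .setExpirationTime('10m')
    .encrypt(key)
}

export const decryptText = async (
  event: H3Event,
  token: string) => {
  const key = jose.base64url.decode(useRuntimeConfig(event).ARTIFACT_TOKEN_KEY)
  // jwtDecrypt rejects tampered or expired tokens instead of returning altered plaintext.
  const { payload } = await jose.jwtDecrypt(token, key, {
    keyManagementAlgorithms: ['dir'],
    contentEncryptionAlgorithms: ['A256GCM'],
  })
  return payload
}
```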