diff --git a/auth/accesstoken_test.go b/auth/accesstoken_test.go
index d6255d67f..372a70fde 100644
--- a/auth/accesstoken_test.go
+++ b/auth/accesstoken_test.go
@@ -218,7 +218,7 @@ func TestAccessToken(t *testing.T) {
 
 			v, err := ParseAPIToken(value)
 			require.NoError(t, err)
-			claims, err := v.Verify(secret)
+			_, claims, err := v.Verify(secret)
 			require.NoError(t, err)
 
 			rc := (*livekit.RoomConfiguration)(claims.RoomConfig)
diff --git a/auth/verifier.go b/auth/verifier.go
index 715a5f4ed..bcaa22bff 100644
--- a/auth/verifier.go
+++ b/auth/verifier.go
@@ -58,9 +58,9 @@ func (v *APIKeyTokenVerifier) Identity() string {
 	return v.identity
 }
 
-func (v *APIKeyTokenVerifier) Verify(key interface{}) (*ClaimGrants, error) {
+func (v *APIKeyTokenVerifier) Verify(key interface{}) (*jwt.Claims, *ClaimGrants, error) {
 	if key == nil || key == "" {
-		return nil, ErrKeysMissing
+		return nil, nil, ErrKeysMissing
 	}
 	if s, ok := key.(string); ok {
 		key = []byte(s)
@@ -68,13 +68,13 @@ func (v *APIKeyTokenVerifier) Verify(key interface{}) (*ClaimGrants, error) {
 	out := jwt.Claims{}
 	claims := ClaimGrants{}
 	if err := v.token.Claims(key, &out, &claims); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 	if err := out.Validate(jwt.Expected{Issuer: v.apiKey, Time: time.Now()}); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	// copy over identity
 	claims.Identity = v.identity
-	return &claims, nil
+	return &out, &claims, nil
 }
diff --git a/auth/verifier_test.go b/auth/verifier_test.go
index 27ff7d40a..37d8f2ab3 100644
--- a/auth/verifier_test.go
+++ b/auth/verifier_test.go
@@ -33,10 +33,10 @@ func TestVerifier(t *testing.T) {
 		require.NoError(t, err)
 
 		require.Equal(t, apiKey, v.APIKey())
-		_, err = v.Verify("")
+		_, _, err = v.Verify("")
 		require.Error(t, err)
 
-		_, err = v.Verify("anothersecret")
+		_, _, err = v.Verify("anothersecret")
 		require.Error(t, err)
 	})
 
@@ -44,7 +44,7 @@ func TestVerifier(t *testing.T) {
 		v, err := auth.ParseAPIToken(accessToken)
 		require.NoError(t, err)
 
-		_, err = v.Verify(secret)
+		_, _, err = v.Verify(secret)
 		require.Error(t, err)
 	})
 
@@ -62,7 +62,7 @@ func TestVerifier(t *testing.T) {
 		require.Equal(t, apiKey, v.APIKey())
 		require.Equal(t, "me", v.Identity())
 
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 		require.Equal(t, &claim, decoded.Video)
 	})
@@ -88,7 +88,7 @@ func TestVerifier(t *testing.T) {
 		v, err := auth.ParseAPIToken(authToken)
 		require.NoError(t, err)
 
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 
 		require.EqualValues(t, string(md), decoded.Metadata)
@@ -108,7 +108,7 @@ func TestVerifier(t *testing.T) {
 
 		v, err := auth.ParseAPIToken(token)
 		require.NoError(t, err)
-		decoded, err := v.Verify(secret)
+		_, decoded, err := v.Verify(secret)
 		require.NoError(t, err)
 
 		require.Nil(t, decoded.Video.CanSubscribe)
diff --git a/livekit/types.go b/livekit/types.go
index 37e3d4c6c..1dba514e1 100644
--- a/livekit/types.go
+++ b/livekit/types.go
@@ -59,6 +59,9 @@ func (s NodeID) String() string              { return string(s) }
 func (s JobID) String() string               { return string(s) }
 func (s DispatchID) String() string          { return string(s) }
 func (s AgentName) String() string           { return string(s) }
+func (s ParticipantKey) String() string {
+	return fmt.Sprintf("%s_%s_%s", s.ProjectID, s.RoomName, s.Identity)
+}
 
 type stringTypes interface {
 	ParticipantID | RoomID | TrackID | ParticipantIdentity | ParticipantName | RoomName | ConnectionID | NodeID
diff --git a/webhook/verifier.go b/webhook/verifier.go
index 017557ca9..69eda2111 100644
--- a/webhook/verifier.go
+++ b/webhook/verifier.go
@@ -51,7 +51,7 @@ func Receive(r *http.Request, provider auth.KeyProvider) ([]byte, error) {
 		return nil, ErrSecretNotFound
 	}
 
-	claims, err := v.Verify(secret)
+	_, claims, err := v.Verify(secret)
 	if err != nil {
 		return nil, err
 	}