diff --git a/b0esche_cloud/lib/models/editor_session.dart b/b0esche_cloud/lib/models/editor_session.dart
index 6cc489d..0585846 100644
--- a/b0esche_cloud/lib/models/editor_session.dart
+++ b/b0esche_cloud/lib/models/editor_session.dart
@@ -2,21 +2,24 @@ import 'package:equatable/equatable.dart';
 
 class EditorSession extends Equatable {
   final Uri editUrl;
+  final String token;
   final bool readOnly;
   final DateTime expiresAt;
 
   const EditorSession({
     required this.editUrl,
+    required this.token,
     required this.readOnly,
     required this.expiresAt,
   });
 
   @override
-  List<Object?> get props => [editUrl, readOnly, expiresAt];
+  List<Object?> get props => [editUrl, token, readOnly, expiresAt];
 
   factory EditorSession.fromJson(Map<String, dynamic> json) {
     return EditorSession(
       editUrl: Uri.parse(json['editUrl']),
+      token: json['token'] ?? '',
       readOnly: json['readOnly'],
       expiresAt: DateTime.parse(json['expiresAt']),
     );
diff --git a/go_cloud/internal/http/routes.go b/go_cloud/internal/http/routes.go
index a5b7ddf..56e1f5b 100644
--- a/go_cloud/internal/http/routes.go
+++ b/go_cloud/internal/http/routes.go
@@ -104,10 +104,10 @@ func NewRouter(cfg *config.Config, db *database.DB, jwtManager *jwt.Manager, aut
 
 		// Org routes
 		r.Get("/orgs", func(w http.ResponseWriter, req *http.Request) {
-			listOrgsHandler(w, req, db, jwtManager)
+			listOrgsHandler(w, req, db)
 		})
 		r.Post("/orgs", func(w http.ResponseWriter, req *http.Request) {
-			createOrgHandler(w, req, db, auditLogger, jwtManager)
+			createOrgHandler(w, req, db, auditLogger)
 		})
 
 		// Org-scoped routes
@@ -243,7 +243,7 @@ func logoutHandler(w http.ResponseWriter, r *http.Request, jwtManager *jwt.Manag
 	w.Write([]byte(`{"status": "ok"}`))
 }
 
-func listOrgsHandler(w http.ResponseWriter, r *http.Request, db *database.DB, jwtManager *jwt.Manager) {
+func listOrgsHandler(w http.ResponseWriter, r *http.Request, db *database.DB) {
 	// User ID is already set by Auth middleware
 	userIDStr, ok := middleware.GetUserID(r.Context())
 	if !ok {
@@ -263,7 +263,7 @@ func listOrgsHandler(w http.ResponseWriter, r *http.Request, db *database.DB, jw
 	json.NewEncoder(w).Encode(orgs)
 }
 
-func createOrgHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger, jwtManager *jwt.Manager) {
+func createOrgHandler(w http.ResponseWriter, r *http.Request, db *database.DB, auditLogger *audit.Logger) {
 	// User ID is already set by Auth middleware
 	userIDStr, ok := middleware.GetUserID(r.Context())
 	if !ok {