diff --git a/auth/auth.go b/auth/auth.go
index 322b845..1547d02 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -17,8 +17,8 @@ type AuthenticationHandler interface {
 // Account is an interface that gives the application access to infos about the user.
 type Account interface {
- Get(string) interface{}
- List() []string
+ Get(AccountConstant) interface{}
+ List() []AccountConstant
 Anonymous() bool
 Redirect(c *gin.Context)
 }
@@ -36,7 +36,7 @@ func (*AnonAccountHandler) Account(*gin.Context) Account {
 type AnonAccount struct{}
 // Get returns only AccountAnon = true
-func (*AnonAccount) Get(key string) (in interface{}) {
+func (*AnonAccount) Get(key AccountConstant) (in interface{}) {
 if key == AccountAnon {
 return true
 }
@@ -44,8 +44,8 @@ func (*AnonAccount) Get(key string) (in interface{}) {
 }
 // List return only AccountAnon as the only Listitem
-func (*AnonAccount) List() []string {
- return []string{AccountAnon}
+func (*AnonAccount) List() []AccountConstant {
+ return []AccountConstant{AccountAnon}
 }
 // Anonymous is always true
diff --git a/auth/enums.go b/auth/enums.go
index 65c716b..43ac448 100644
--- a/auth/enums.go
+++ b/auth/enums.go
@@ -1,11 +1,14 @@
 package auth
+// AccountConstant is an type for easier linting.
+type AccountConstant string
+
 // These are Constants to save specific attributes in single points of use.
 const (
 // AccountID is the ID of the session. Prefferably it should be an UUIDv4 to mitigate security errors.
- AccountID string = "jti"
+ AccountID AccountConstant = "jti"
 // AccountAnon is to identify Sessions as Anonymous sessions.
- AccountAnon string = "anon"
+ AccountAnon AccountConstant = "anon"
 // AccountUser is an attribute that identifies the user with an string that is unique for the user, for Example the username.
- AccountUser string = "uid"
+ AccountUser AccountConstant = "uid"
 )
diff --git a/menus/menus_test.go b/menus/menus_test.go
index 65fa6d4..f9a7550 100644
--- a/menus/menus_test.go
+++ b/menus/menus_test.go
@@ -5,6 +5,7 @@ import (
 "testing"
 "github.com/gin-gonic/gin"
+ "go.sebtobie.de/httpserver/auth"
 "go.sebtobie.de/httpserver/menus"
 )
@@ -16,12 +17,12 @@ func (a *account) Anonymous() bool {
 return !a.auth
 }
-func (*account) Get(string) interface{} {
+func (*account) Get(auth.AccountConstant) interface{} {
 return nil
 }
-func (*account) List() []string {
- return []string{}
+func (*account) List() []auth.AccountConstant {
+ return []auth.AccountConstant{}
 }
 func (*account) Redirect(*gin.Context) {
diff --git a/modules/saml/account.go b/modules/saml/account.go
index fb0ee7c..fbc0c58 100644
--- a/modules/saml/account.go
+++ b/modules/saml/account.go
@@ -14,8 +14,8 @@ import (
 )
 var defaccount = &account{
- data: map[string]interface{}{
- auth.AccountID: "",
+ data: map[auth.AccountConstant]interface{}{
+ auth.AccountID: uuid.Nil,
 auth.AccountAnon: true,
 },
 }
@@ -33,7 +33,6 @@ func (s *SAML) Account(c *gin.Context) auth.Account {
 acc.s = s
 cookie, err := c.Cookie(s.Cookiename)
 if err != nil {
- log.Debug().Err(err).Msg("Cookie error")
 return acc
 }
 var (
@@ -46,7 +45,9 @@ func (s *SAML) Account(c *gin.Context) auth.Account {
 }
 if claim, ok = token.Claims.(*jwt.MapClaims); ok && token.Valid {
 log.Debug().KeysAndValues(claim).Msg("Got valid token")
- acc.data = *claim
+ for key, value := range *claim {
+ acc.data[auth.AccountConstant(key)] = value
+ }
 return acc
 }
 log.Debug().Bool("valid", token.Valid).KeysAndValues(maptoarray(*claim)...).Msg("problem vith token")
@@ -62,7 +63,7 @@ func (s *SAML) signingkey(token *jwt.Token) (key interface{}, err error) {
 type account struct {
 s *SAML
- data map[string]interface{}
+ data map[auth.AccountConstant]interface{}
 }
 func (a *account) Anonymous() bool {
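Review bot: In the `defaccount` literal of modules/saml/account.go, `auth.AccountID` now holds `uuid.Nil`, a UUID value rather than a string, while acsHF in modules/saml/saml.go still does an unchecked `account.Get(auth.AccountID).(string)`. If acsHF can be reached with the default account (for instance on a request without a session cookie; where `account` comes from is not visible in this diff), that assertion panics instead of failing the login cleanly. Keep the stored type consistent with the `jti` string that tokens carry, `auth.AccountID: uuid.Nil.String(),`, or use the two-value form `id, ok := account.Get(auth.AccountID).(string)` in acsHF and abort the request when `ok` is false.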
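Review bot: The new loop in (*SAML).Account writes the token claims into the existing `acc.data` map instead of replacing it, as the removed `acc.data = *claim` did. How `acc` is built is above the hunk and not visible here; if it is a shallow copy of the package-level `defaccount`, `acc.data` is the one shared default map, so a valid token's `uid` and `anon` values would persist there and be returned to later requests that arrive without a cookie, and concurrent requests would race on the map writes. Build a per-request map instead: `data := make(map[auth.AccountConstant]interface{}, len(*claim))`, fill it with `data[auth.AccountConstant(key)] = value` in the loop, then `acc.data = data`. The function body starts and ends outside the hunk.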
@@ -72,8 +73,8 @@ func (a *account) Anonymous() bool {
 func (a *account) Redirect(c *gin.Context) {
 id := uuid.New().String()
 tokenstring, err := jwttoken(jwt.MapClaims{
- auth.AccountID: id,
- auth.AccountAnon: true,
+ string(auth.AccountID): id,
+ string(auth.AccountAnon): true,
 }, a.s.jwtprivatekey)
 if err != nil {
 log.Error().Err(err).Msg("Failed to generate the token")
@@ -91,12 +92,12 @@ func (a *account) Redirect(c *gin.Context) {
 c.Redirect(http.StatusSeeOther, request.Redirect(c.Request.URL.String()).String())
 }
-func (a *account) Get(key string) interface{} {
+func (a *account) Get(key auth.AccountConstant) interface{} {
 return a.data[key]
 }
-func (a *account) List() []string {
- liste := make([]string, len(a.data))
+func (a *account) List() []auth.AccountConstant {
+ var liste []auth.AccountConstant
 for key := range a.data {
 liste = append(liste, key)
 }
diff --git a/modules/saml/saml.go b/modules/saml/saml.go
index 9318247..1c3701b 100644
--- a/modules/saml/saml.go
+++ b/modules/saml/saml.go
@@ -188,9 +188,9 @@ func (s *SAML) acsHF(c *gin.Context) {
 }
 data := attributeStatementstomap(assert.AttributeStatements)
 token, err := jwttoken(jwt.MapClaims{
- auth.AccountAnon: false,
- auth.AccountID: account.Get(auth.AccountID).(string),
- auth.AccountUser: data["uid"][0],
+ string(auth.AccountAnon): false,
+ string(auth.AccountID): account.Get(auth.AccountID).(string),
+ string(auth.AccountUser): data["uid"][0],
 }, s.jwtprivatekey)
 if err != nil {
 c.AbortWithStatus(http.StatusInternalServerError)
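Review bot: `data["uid"][0]` in the claims literal of acsHF (modules/saml/saml.go) indexes the attribute values without checking that the assertion carried a `uid` attribute. Assuming attributeStatementstomap returns a map of string slices, an assertion without that attribute makes the handler panic with an index-out-of-range error instead of rejecting the login. Read it first and bail out when it is missing: `uids := data["uid"]`, then `if len(uids) == 0 { c.AbortWithStatus(http.StatusBadRequest); return }`, and put `uids[0]` into the claims. acsHF starts and ends outside the hunk.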