diff --git a/internal/api/grpc/management/user.go b/internal/api/grpc/management/user.go
index c9f9cc2e97..7b1b109ede 100644
--- a/internal/api/grpc/management/user.go
+++ b/internal/api/grpc/management/user.go
@@ -26,12 +26,20 @@ import (
 	mgmt_pb "github.com/zitadel/zitadel/pkg/grpc/management"
 )
 
-func (s *Server) GetUserByID(ctx context.Context, req *mgmt_pb.GetUserByIDRequest) (*mgmt_pb.GetUserByIDResponse, error) {
+func (s *Server) getUserByID(ctx context.Context, id string) (*query.User, error) {
 	owner, err := query.NewUserResourceOwnerSearchQuery(authz.GetCtxData(ctx).OrgID, query.TextEquals)
 	if err != nil {
 		return nil, err
 	}
-	user, err := s.query.GetUserByID(ctx, true, req.Id, false, owner)
+	user, err := s.query.GetUserByID(ctx, true, id, false, owner)
+	if err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
+func (s *Server) GetUserByID(ctx context.Context, req *mgmt_pb.GetUserByIDRequest) (*mgmt_pb.GetUserByIDResponse, error) {
+	user, err := s.getUserByID(ctx, req.GetId())
 	if err != nil {
 		return nil, err
 	}
@@ -785,13 +793,18 @@ func (s *Server) GenerateMachineSecret(ctx context.Context, req *mgmt_pb.Generat
 	if err != nil {
 		return nil, err
 	}
+	user, err := s.getUserByID(ctx, req.GetUserId())
+	if err != nil {
+		return nil, err
+	}
+
 	set := new(command.GenerateMachineSecret)
 	details, err := s.command.GenerateMachineSecret(ctx, req.UserId, authz.GetCtxData(ctx).OrgID, secretGenerator, set)
 	if err != nil {
 		return nil, err
 	}
 	return &mgmt_pb.GenerateMachineSecretResponse{
-		ClientId:     set.ClientID,
+		ClientId:     user.PreferredLoginName,
 		ClientSecret: set.ClientSecret,
 		Details:      obj_grpc.DomainToAddDetailsPb(details),
 	}, nil
diff --git a/internal/command/user_machine_secret.go b/internal/command/user_machine_secret.go
index 577e18d3b1..a7a91b247f 100644
--- a/internal/command/user_machine_secret.go
+++ b/internal/command/user_machine_secret.go
@@ -14,7 +14,6 @@ import (
 )
 
 type GenerateMachineSecret struct {
-	ClientID     string
 	ClientSecret string
 }
 
@@ -53,7 +52,6 @@ func prepareGenerateMachineSecret(a *user.Aggregate, generator crypto.Generator,
 			if !isUserStateExists(writeModel.UserState) {
 				return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-x8910n", "Errors.User.NotExisting")
 			}
-			set.ClientID = writeModel.UserName
 
 			clientSecret, secretString, err := domain.NewMachineClientSecret(generator)
 			if err != nil {
diff --git a/internal/command/user_machine_secret_test.go b/internal/command/user_machine_secret_test.go
index 3965558e7a..490797b96d 100644
--- a/internal/command/user_machine_secret_test.go
+++ b/internal/command/user_machine_secret_test.go
@@ -137,7 +137,6 @@ func TestCommandSide_GenerateMachineSecret(t *testing.T) {
 					ResourceOwner: "org1",
 				},
 				secret: &GenerateMachineSecret{
-					ClientID:     "user1",
 					ClientSecret: "a",
 				},
 			},
@@ -157,7 +156,6 @@ func TestCommandSide_GenerateMachineSecret(t *testing.T) {
 			}
 			if tt.res.err == nil {
 				assert.Equal(t, tt.res.want, got)
-				assert.Equal(t, tt.args.set.ClientID, tt.res.secret.ClientID)
 				assert.Equal(t, tt.args.set.ClientSecret, tt.res.secret.ClientSecret)
 			}
 		})