diff --git a/app/modules_app/auth/login.php b/app/modules_app/auth/login.php
index bef8dde..0618ced 100644
--- a/app/modules_app/auth/login.php
+++ b/app/modules_app/auth/login.php
@@ -46,9 +46,10 @@ if (!$secret || strlen($secret) < 32) {
 json_error('Server configuration error', 500);
 }
 $payload = [
- 'user_id' => $user['id'],
- 'role' => $user['role'],
- 'exp' => time() + (15 * 60) // 15 minutes
+ 'user_id' => $user['id'],
+ 'tenant_id' => $user['tenant_id'],
+ 'role' => $user['role'],
+ 'exp' => time() + (15 * 60) // 15 minutes
 ];
 $token = JWT::encode($payload, $secret);
diff --git a/app/modules_app/companies/create.php b/app/modules_app/companies/create.php
index 058be0c..9ab3bab 100644
--- a/app/modules_app/companies/create.php
+++ b/app/modules_app/companies/create.php
@@ -63,14 +63,8 @@ try {
 date('Y-m-d H:i:s')
 ]);
- $companyId = $db->lastInsertId();
-
- // 4. Pivot link
- $stmt = $db->prepare("INSERT INTO user_companies (user_id, company_id, role) VALUES (?, ?, ?)");
- $stmt->execute([$decoded['user_id'], $companyId, 'admin']);
- $db->commit();
- json_success(['id' => $companyId], 'تم إنشاء الشركة بنجاح');
+ json_success(null, 'تم إنشاء الشركة بنجاح');
 } catch (\Exception $e) {
 $db->rollBack();
diff --git a/app/modules_app/companies/index.php b/app/modules_app/companies/index.php
index 75eed8d..9937c14 100644
--- a/app/modules_app/companies/index.php
+++ b/app/modules_app/companies/index.php
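Review bot: The new `'tenant_id'` claim is copied from `$user['tenant_id']` with no check that it is set, so an account whose tenant_id is NULL receives a token carrying a null tenant claim, and every tenant-scoped query built from it (for example the `WHERE tenant_id = ?` lookup in companies/index.php) silently matches nothing instead of reporting a misconfigured account. Because this claim now decides which tenant's data an admin may read, it is better to refuse issuance up front: `if ($user['role'] !== 'super_admin' && $user['tenant_id'] === null) { json_error('Account is not assigned to a tenant', 403); }` placed before `$payload` is built. Tokens issued before this change stay valid for up to the 15-minute expiry without the claim, so consumers should treat an absent `tenant_id` as "missing" rather than let it surface as an undefined-key warning. The code that loads `$user` is outside the hunk.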
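Review bot: The removed lines take `$db->commit();` out together with the pivot insert, and nothing on the new side replaces it, so if a transaction is opened earlier in the try block (the `$db->rollBack()` in the catch strongly suggests one) the companies INSERT is never committed and is discarded when the request ends, while the client still gets a success response. Keep the commit and, since callers previously received the new id, the lastInsertId as well: `$companyId = $db->lastInsertId();` / `$db->commit();` / `json_success(['id' => $companyId], 'تم إنشاء الشركة بنجاح');`. With the user_companies link gone, whether anyone can see the new company now depends entirely on its tenant_id column matching the caller's token claim; the INSERT column list is outside the hunk, so confirm it sets tenant_id from `$decoded['tenant_id']` and never from the request body. The try block begins outside the hunk.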
@@ -13,14 +13,21 @@ $db = Database::getInstance();
 // 1. Super Admin sees ALL companies
 if ($decoded['role'] === 'super_admin') {
 $stmt = $db->query("SELECT * FROM companies WHERE deleted_at IS NULL");
-} else {
- // 2. Others see only linked companies
- $stmt = $db->prepare("
- SELECT c.* FROM companies c
- JOIN user_companies uc ON c.id = uc.company_id
- WHERE uc.user_id = ? AND c.deleted_at IS NULL
- ");
- $stmt->execute([$decoded['user_id']]);
+}
+// 2. Admin sees all companies in their tenant
+else if ($decoded['role'] === 'admin') {
+ $stmt = $db->prepare("SELECT * FROM companies WHERE tenant_id = ? AND deleted_at IS NULL");
+ $stmt->execute([$decoded['tenant_id']]);
+}
+// 3. Others (accountant, etc) see only their assigned company
+else {
+ // Need to get their assigned company_id from users table first
+ $stmtUser = $db->prepare("SELECT company_id FROM users WHERE id = ?");
+ $stmtUser->execute([$decoded['user_id']]);
+ $assignedCompanyId = $stmtUser->fetchColumn();
+
+ $stmt = $db->prepare("SELECT * FROM companies WHERE id = ? AND deleted_at IS NULL");
+ $stmt->execute([$assignedCompanyId]);
 }
 $companies = $stmt->fetchAll();
diff --git a/scripts/migrate.php b/scripts/migrate.php
index d63e4f0..a7bda21 100644
--- a/scripts/migrate.php
+++ b/scripts/migrate.php
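Review bot: The admin branch reads `$decoded['tenant_id']` with no existence check, so a token issued before that claim existed (still valid for up to 15 minutes) or a user with a NULL tenant produces an undefined-key warning and a `tenant_id = NULL` query that returns nothing — fail-closed, but silent rather than an explicit authorization error; guard it before the prepare with `if (!isset($decoded['tenant_id'])) { json_error('Forbidden', 403); }`. In the third branch `fetchColumn()` returns `false` when the user row has no company_id, which also ends in an empty result set, and the company query there has no tenant filter, so the tenant boundary for non-admins rests solely on the integrity of users.company_id; adding `AND tenant_id = ?` bound to the token's claim keeps the boundary enforced in every branch. Style: PSR-12 spells the keyword `elseif` on the same line as the closing brace, with the numbered comments moved inside the blocks.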
@@ -56,50 +56,6 @@ foreach ($users as $user) {
 echo "User ID {$user['id']} migrated successfully.\n";
 }
-// 3. Create companies table (Updated to match production schema)
-try {
- $db->exec("CREATE TABLE IF NOT EXISTS companies (
- id INT AUTO_INCREMENT PRIMARY KEY,
- tenant_id INT,
- name VARCHAR(255) NOT NULL,
- name_en VARCHAR(255),
- tax_identification_number VARCHAR(50),
- commercial_registration_number VARCHAR(50),
- address TEXT,
- city VARCHAR(100),
- contact_email VARCHAR(255),
- contact_phone VARCHAR(50),
- jofotara_client_id_encrypted TEXT,
- jofotara_secret_key_encrypted TEXT,
- jofotara_income_source_sequence VARCHAR(50),
- certificate_path VARCHAR(255),
- certificate_password_encrypted TEXT,
- is_jofotara_linked TINYINT(1) DEFAULT 0,
- is_active TINYINT(1) DEFAULT 1,
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- updated_at DATETIME DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
- deleted_at DATETIME DEFAULT NULL
- ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
- echo "[OK] Companies table synchronized with production schema.\n";
-} catch (\Exception $e) {
- echo "[ERROR] Synchronizing companies table: " . $e->getMessage() . "\n";
-}
-
-// 4. Create user_companies pivot table
-try {
- $db->exec("CREATE TABLE IF NOT EXISTS user_companies (
- id INT AUTO_INCREMENT PRIMARY KEY,
- user_id INT NOT NULL,
- company_id INT NOT NULL,
- role VARCHAR(50) DEFAULT 'employee',
- created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
- UNIQUE KEY user_company (user_id, company_id),
- FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
- FOREIGN KEY (company_id) REFERENCES companies(id) ON DELETE CASCADE
- ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4");
- echo "[OK] User_companies table created or exists.\n";
-} catch (\Exception $e) {
- echo "[ERROR] Creating user_companies table: " . $e->getMessage() . "\n";
-}
+// (Table creation logic removed because it is properly handled by schema.sql)
 echo "--- Migration Complete ---\n";