diff --git a/src/handlers/identity.ts b/src/handlers/identity.ts
index 4d24a3a..aad5648 100644
--- a/src/handlers/identity.ts
+++ b/src/handlers/identity.ts
@@ -85,6 +85,16 @@ export async function handleToken(request: Request, env: Env): Promise<Response>
       UserDecryptionOptions: {
         HasMasterPassword: true,
         Object: 'userDecryptionOptions',
+        MasterPasswordUnlock: {
+          Kdf: {
+            KdfType: user.kdfType,
+            Iterations: user.kdfIterations,
+            Memory: user.kdfMemory || null,
+            Parallelism: user.kdfParallelism || null,
+          },
+          MasterKeyEncryptedUserKey: user.key,
+          Salt: email, // email is already lowercased above
+        },
       },
     };
 
diff --git a/src/types/index.ts b/src/types/index.ts
index fad8c5b..9f7747c 100644
--- a/src/types/index.ts
+++ b/src/types/index.ts
@@ -145,6 +145,26 @@ export interface JWTPayload {
   premium: boolean;
 }
 
+// UserDecryptionOptions types for mobile client compatibility
+export interface MasterPasswordUnlockKdf {
+  KdfType: number;
+  Iterations: number;
+  Memory: number | null;
+  Parallelism: number | null;
+}
+
+export interface MasterPasswordUnlock {
+  Kdf: MasterPasswordUnlockKdf;
+  MasterKeyEncryptedUserKey: string;
+  Salt: string;
+}
+
+export interface UserDecryptionOptions {
+  HasMasterPassword: boolean;
+  Object: string;
+  MasterPasswordUnlock?: MasterPasswordUnlock;
+}
+
 // API Response types
 export interface TokenResponse {
   access_token: string;
@@ -161,10 +181,7 @@ export interface TokenResponse {
   ResetMasterPassword: boolean;
   scope: string;
   unofficialServer: boolean;
-  UserDecryptionOptions: {
-    HasMasterPassword: boolean;
-    Object: string;
-  };
+  UserDecryptionOptions: UserDecryptionOptions;
 }
 
 export interface ProfileResponse {