diff --git a/packages/strapi-admin/services/auth.js b/packages/strapi-admin/services/auth.js
index 98ca48ea2e..f5788820d5 100644
--- a/packages/strapi-admin/services/auth.js
+++ b/packages/strapi-admin/services/auth.js
@@ -13,9 +13,8 @@ const sanitizeUser = user => {
  * @param {object} admon - admin user
  */
 const createJwtToken = admin => {
-  const payload = _.pick(admin.toJSON ? admin.toJSON() : admin, ['_id', 'id']);
   return strapi.plugins['users-permissions'].services.jwt.issue({
-    ...payload,
+    id: admin.id,
     isAdmin: true,
   });
 };
diff --git a/packages/strapi-generate-api/json/routes.json.js b/packages/strapi-generate-api/json/routes.json.js
index 6fcc9e1fca..fc73816a88 100644
--- a/packages/strapi-generate-api/json/routes.json.js
+++ b/packages/strapi-generate-api/json/routes.json.js
@@ -16,9 +16,6 @@ const _ = require('lodash');
 
 module.exports = scope => {
   function generateRoutes() {
-    const tokenID =
-      scope.args.tpl && scope.args.tpl !== 'mongoose' ? 'id' : '_id';
-
     const routes = {
       routes: [
         {
@@ -39,7 +36,7 @@ module.exports = scope => {
         },
         {
           method: 'GET',
-          path: '/' + scope.idPluralized + '/:' + tokenID,
+          path: '/' + scope.idPluralized + '/:id',
           handler: scope.globalID + '.findOne',
           config: {
             policies: [],
@@ -55,7 +52,7 @@ module.exports = scope => {
         },
         {
           method: 'PUT',
-          path: '/' + scope.idPluralized + '/:' + tokenID,
+          path: '/' + scope.idPluralized + '/:id',
           handler: scope.globalID + '.update',
           config: {
             policies: [],
@@ -63,12 +60,12 @@ module.exports = scope => {
         },
         {
           method: 'DELETE',
-          path: '/' + scope.idPluralized + '/:' + tokenID,
+          path: '/' + scope.idPluralized + '/:id',
           handler: scope.globalID + '.delete',
           config: {
             policies: [],
           },
-        }
+        },
       ],
     };
 
diff --git a/packages/strapi-plugin-upload/services/Upload.js b/packages/strapi-plugin-upload/services/Upload.js
index cd89b7c40e..c375cb6b48 100644
--- a/packages/strapi-plugin-upload/services/Upload.js
+++ b/packages/strapi-plugin-upload/services/Upload.js
@@ -97,7 +97,7 @@ module.exports = {
 
   fetch(params) {
     return strapi.query('file', 'upload').findOne({
-      id: params._id || params.id,
+      id: params.id,
     });
   },
 
diff --git a/packages/strapi-plugin-users-permissions/config/policies/permissions.js b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
index 672de9960e..55ae6bf4ad 100644
--- a/packages/strapi-plugin-users-permissions/config/policies/permissions.js
+++ b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
@@ -5,22 +5,22 @@ module.exports = async (ctx, next) => {
 
   if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
     try {
-      const { _id, id, isAdmin = false } = await strapi.plugins[
+      const { id, isAdmin = false } = await strapi.plugins[
         'users-permissions'
       ].services.jwt.getToken(ctx);
 
-      if ((id || _id) === undefined) {
+      if (id === undefined) {
         throw new Error('Invalid token: Token did not contain required fields');
       }
 
       if (isAdmin) {
         ctx.state.admin = await strapi
           .query('administrator', 'admin')
-          .findOne({ id: _id || id });
+          .findOne({ id });
       } else {
         ctx.state.user = await strapi
           .query('user', 'users-permissions')
-          .findOne({ id: _id || id });
+          .findOne({ id });
       }
     } catch (err) {
       return handleErrors(ctx, err, 'unauthorized');
@@ -87,7 +87,7 @@ module.exports = async (ctx, next) => {
     .query('permission', 'users-permissions')
     .findOne(
       {
-        role: role._id || role.id,
+        role: role.id,
         type: route.plugin || 'application',
         controller: route.controller,
         action: route.action,
diff --git a/packages/strapi-plugin-users-permissions/config/schema.graphql b/packages/strapi-plugin-users-permissions/config/schema.graphql
index 6bebd3d457..e1593e1f9e 100644
--- a/packages/strapi-plugin-users-permissions/config/schema.graphql
+++ b/packages/strapi-plugin-users-permissions/config/schema.graphql
@@ -25,11 +25,6 @@ module.exports = {
     me: UsersPermissionsMe
   `,
   resolver: {
-    UsersPermissionsMe: {
-      id(obj) {
-        return obj.id || obj._id;
-      },
-    },
     Query: {
       me: {
         resolverOf: 'User.me',
diff --git a/packages/strapi-plugin-users-permissions/controllers/Auth.js b/packages/strapi-plugin-users-permissions/controllers/Auth.js
index fb04b42940..02f726833a 100644
--- a/packages/strapi-plugin-users-permissions/controllers/Auth.js
+++ b/packages/strapi-plugin-users-permissions/controllers/Auth.js
@@ -122,9 +122,9 @@ module.exports = {
         );
       } else {
         ctx.send({
-          jwt: strapi.plugins['users-permissions'].services.jwt.issue(
-            _.pick(user.toJSON ? user.toJSON() : user, ['_id', 'id'])
-          ),
+          jwt: strapi.plugins['users-permissions'].services.jwt.issue({
+            id: user.id,
+          }),
           user: _.omit(user.toJSON ? user.toJSON() : user, [
             'password',
             'resetPasswordToken',
@@ -157,9 +157,9 @@ module.exports = {
       }
 
       ctx.send({
-        jwt: strapi.plugins['users-permissions'].services.jwt.issue(
-          _.pick(user, ['_id', 'id'])
-        ),
+        jwt: strapi.plugins['users-permissions'].services.jwt.issue({
+          id: user.id,
+        }),
         user: _.omit(user.toJSON ? user.toJSON() : user, [
           'password',
           'resetPasswordToken',
@@ -203,9 +203,9 @@ module.exports = {
         .update({ id: user.id }, user);
 
       ctx.send({
-        jwt: strapi.plugins['users-permissions'].services.jwt.issue(
-          _.pick(user.toJSON ? user.toJSON() : user, ['_id', 'id'])
-        ),
+        jwt: strapi.plugins['users-permissions'].services.jwt.issue({
+          id: user.id,
+        }),
         user: _.omit(user.toJSON ? user.toJSON() : user, [
           'password',
           'resetPasswordToken',
@@ -418,7 +418,7 @@ module.exports = {
       params.email = params.email.toLowerCase();
     }
 
-    params.role = role._id || role.id;
+    params.role = role.id;
     params.password = await strapi.plugins[
       'users-permissions'
     ].services.user.hashPassword(params);
@@ -535,12 +535,12 @@ module.exports = {
   async emailConfirmation(ctx) {
     const params = ctx.query;
 
-    const user = await strapi.plugins['users-permissions'].services.jwt.verify(
-      params.confirmation
-    );
+    const decodedToken = await strapi.plugins[
+      'users-permissions'
+    ].services.jwt.verify(params.confirmation);
 
     await strapi.plugins['users-permissions'].services.user.edit(
-      _.pick(user, ['_id', 'id']),
+      { id: decodedToken.id },
       { confirmed: true }
     );
 
diff --git a/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js b/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
index d861c9ead8..3d9563442a 100644
--- a/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
+++ b/packages/strapi-plugin-users-permissions/controllers/UsersPermissions.js
@@ -48,7 +48,7 @@ module.exports = {
       .query('role', 'users-permissions')
       .findOne({ type: 'public' });
 
-    const publicRoleID = publicRole.id || publicRole._id;
+    const publicRoleID = publicRole.id;
 
     const roleID = ctx.params.role;
 
diff --git a/packages/strapi-plugin-users-permissions/services/Providers.js b/packages/strapi-plugin-users-permissions/services/Providers.js
index ebeba43e51..cccbc72232 100644
--- a/packages/strapi-plugin-users-permissions/services/Providers.js
+++ b/packages/strapi-plugin-users-permissions/services/Providers.js
@@ -97,7 +97,7 @@ exports.connect = (provider, query) => {
         // Create the new user.
         const params = _.assign(profile, {
           provider: provider,
-          role: defaultRole._id || defaultRole.id,
+          role: defaultRole.id,
         });
 
         const createdUser = await strapi
diff --git a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
index ac6d79ea0e..72f883598c 100644
--- a/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
+++ b/packages/strapi-plugin-users-permissions/services/UsersPermissions.js
@@ -28,7 +28,7 @@ module.exports = {
             ).forEach(action => {
               acc.push(
                 strapi.query('permission', 'users-permissions').create({
-                  role: role._id || role.id,
+                  role: role.id,
                   type,
                   controller,
                   action: action.toLowerCase(),
@@ -72,7 +72,7 @@ module.exports = {
       acc.push(
         strapi.query('user', 'users-permissions').update(
           {
-            id: user._id || user.id,
+            id: user.id,
           },
           {
             role: publicRoleID,
@@ -87,7 +87,7 @@ module.exports = {
     role.permissions.forEach(permission => {
       arrayOfPromises.push(
         strapi.query('permission', 'users-permissions').delete({
-          id: permission._id || permission.id,
+          id: permission.id,
         })
       );
     });
@@ -225,8 +225,6 @@ module.exports = {
       .find({ _sort: 'name' }, []);
 
     for (let i = 0; i < roles.length; ++i) {
-      roles[i].id = roles[i].id || roles[i]._id;
-
       roles[i].nb_users = await strapi
         .query('user', 'users-permissions')
         .count({ role: roles[i].id });
@@ -411,7 +409,7 @@ module.exports = {
           toAdd.map(action => {
             const data = {
               ...defaultPolicy(action, role),
-              ...{ role: role.id || role._id },
+              role: role.id,
             };
 
             return query.create(data);