diff --git a/app/controllers/shared/api/auth.php b/app/controllers/shared/api/auth.php
index 7f304454be..b3633043c2 100644
--- a/app/controllers/shared/api/auth.php
+++ b/app/controllers/shared/api/auth.php
@@ -18,7 +18,7 @@ App::init()
         $lastUpdate = $session->getAttribute('mfaUpdatedAt');
         if (!empty($lastUpdate)) {
             $now = DateTime::now();
-            $maxAllowedDate = DateTime::addSeconds($lastUpdate, Auth::MFA_RECENT_DURATION); // Maximum date until session is considered safe before asking for another challenge
+            $maxAllowedDate = DateTime::addSeconds(new \DateTime($lastUpdate), Auth::MFA_RECENT_DURATION); // Maximum date until session is considered safe before asking for another challenge
 
             $isSessionFresh = DateTime::formatTz($maxAllowedDate) >= DateTime::formatTz($now);
         }
diff --git a/src/Appwrite/Utopia/Response/Model/Session.php b/src/Appwrite/Utopia/Response/Model/Session.php
index 8b219ef1eb..43331d754f 100644
--- a/src/Appwrite/Utopia/Response/Model/Session.php
+++ b/src/Appwrite/Utopia/Response/Model/Session.php
@@ -22,6 +22,12 @@ class Session extends Model
                 'default' => '',
                 'example' => self::TYPE_DATETIME_EXAMPLE,
             ])
+            ->addRule('$updatedAt', [
+                'type' => self::TYPE_DATETIME,
+                'description' => 'Session update date in ISO 8601 format.',
+                'default' => '',
+                'example' => self::TYPE_DATETIME_EXAMPLE,
+            ])
             ->addRule('userId', [
                 'type' => self::TYPE_STRING,
                 'description' => 'User ID.',