diff --git a/src/auth_manager.cpp b/src/auth_manager.cpp
index c763694e..cb7a3231 100644
--- a/src/auth_manager.cpp
+++ b/src/auth_manager.cpp
@@ -391,7 +391,7 @@ bool AuthManager::add_item_to_params(std::map<std::string, std::string>& req_par
     if(req_params.count(item.key()) == 0) {
         req_params[item.key()] = str_value;
     } else if(item.key() == "filter_by") {
-        req_params[item.key()] = req_params[item.key()] + "&&" + str_value;
+        req_params[item.key()] = "(" + req_params[item.key()] + ") && (" + str_value + ")";
     } else if(overwrite) {
         req_params[item.key()] = str_value;
     }
diff --git a/test/collection_manager_test.cpp b/test/collection_manager_test.cpp
index 552b4098..e2115ef7 100644
--- a/test/collection_manager_test.cpp
+++ b/test/collection_manager_test.cpp
@@ -547,7 +547,7 @@ TEST_F(CollectionManagerTest, VerifyEmbeddedParametersOfScopedAPIKey) {
     ASSERT_EQ(1, res_obj["found"].get<size_t>());
     ASSERT_EQ(1, res_obj["hits"].size());
     ASSERT_STREQ("1", results["hits"][0]["document"]["id"].get<std::string>().c_str());
-    ASSERT_EQ("year: 1922&&points: 200", req_params["filter_by"]);
+    ASSERT_EQ("(year: 1922) && (points: 200)", req_params["filter_by"]);
 
     collectionManager.drop_collection("coll1");
 }
diff --git a/test/core_api_utils_test.cpp b/test/core_api_utils_test.cpp
index 00de857a..fecd2606 100644
--- a/test/core_api_utils_test.cpp
+++ b/test/core_api_utils_test.cpp
@@ -197,7 +197,7 @@ TEST_F(CoreAPIUtilsTest, MultiSearchEmbeddedKeys) {
     post_multi_search(req, res);
 
     // ensure that req params are appended to (embedded params are also rolled into req params)
-    ASSERT_EQ("user_id: 100&&age: > 100&&foo: bar", req->params["filter_by"]);
+    ASSERT_EQ("((user_id: 100) && (age: > 100)) && (foo: bar)", req->params["filter_by"]);
 
     // try setting max search limit
     req->embedded_params_vec[0]["limit_multi_searches"] = 0;