diff --git a/app/dao/api_key_dao.py b/app/dao/api_key_dao.py
index 66938605a..be0d53461 100644
--- a/app/dao/api_key_dao.py
+++ b/app/dao/api_key_dao.py
@@ -44,13 +44,19 @@ def get_model_api_keys(service_id, id=None):
             .one()
         )
     seven_days_ago = utc_now() - timedelta(days=7)
-    return ApiKey.query.filter(
-        or_(
-            ApiKey.expiry_date == None,  # noqa
-            func.date(ApiKey.expiry_date) > seven_days_ago,  # noqa
-        ),
-        ApiKey.service_id == service_id,
-    ).all()
+    return (
+        db.session.execute(
+            select(ApiKey).where(
+                or_(
+                    ApiKey.expiry_date == None,  # noqa
+                    func.date(ApiKey.expiry_date) > seven_days_ago,  # noqa
+                ),
+                ApiKey.service_id == service_id,
+            )
+        )
+        .scalars()
+        .all()
+    )
 
 
 def get_unsigned_secrets(service_id):
diff --git a/app/dao/fact_processing_time_dao.py b/app/dao/fact_processing_time_dao.py
index af8efcf10..2bab55072 100644
--- a/app/dao/fact_processing_time_dao.py
+++ b/app/dao/fact_processing_time_dao.py
@@ -59,4 +59,4 @@ def get_processing_time_percentage_for_date_range(start_date, end_date):
         .order_by(FactProcessingTime.local_date)
     )
 
-    return query.all()
+    return db.session.execute(query).scalars().all()
diff --git a/app/dao/inbound_sms_dao.py b/app/dao/inbound_sms_dao.py
index c9b4417e3..3b9a49515 100644
--- a/app/dao/inbound_sms_dao.py
+++ b/app/dao/inbound_sms_dao.py
@@ -53,9 +53,19 @@ def dao_get_paginated_inbound_sms_for_service_for_public_api(
         filters.append(InboundSms.created_at < older_than_created_at)
 
     # As part of the move to sqlalchemy 2.0, we do this manual pagination
-    query = db.session.query(InboundSms).filter(*filters)
-    paginated_items = query.order_by(desc(InboundSms.created_at)).limit(page_size).all()
-    return paginated_items
+    stmt = (
+        select(InboundSms)
+        .filter(*filters)
+        .order_by(desc(InboundSms.created_at))
+        .limit(page_size)
+    )
+    paginated_items = db.session.execute(stmt).scalars().all()
+
+    page = 1  # ?
+    offset = (page - 1) * page_size
+    paginated_results = paginated_items[offset : offset + page_size]
+    pagination = Pagination(paginated_results, page, page_size, len(paginated_results))
+    return pagination
 
 
 def dao_count_inbound_sms_for_service(service_id, limit_days):
diff --git a/tests/__init__.py b/tests/__init__.py
index eeb1c2ae2..f2d19010b 100644
--- a/tests/__init__.py
+++ b/tests/__init__.py
@@ -2,7 +2,9 @@ import uuid
 
 from flask import current_app
 from notifications_python_client.authentication import create_jwt_token
+from sqlalchemy import select
 
+from app import db
 from app.dao.api_key_dao import save_model_api_key
 from app.dao.services_dao import dao_fetch_service_by_id
 from app.enums import KeyType
@@ -11,7 +13,12 @@ from app.models import ApiKey
 
 def create_service_authorization_header(service_id, key_type=KeyType.NORMAL):
     client_id = str(service_id)
-    secrets = ApiKey.query.filter_by(service_id=service_id, key_type=key_type).all()
+    secrets = (
+        db.session.execute(select(ApiKey))
+        .filter_by(service_id=service_id, key_type=key_type)
+        .scalars()
+        .all()
+    )
 
     if secrets:
         secret = secrets[0].secret