diff --git a/server/api/middlewares/authentication.js b/server/api/middlewares/authentication.js
index b1efbaa41..fa96f5c52 100644
--- a/server/api/middlewares/authentication.js
+++ b/server/api/middlewares/authentication.js
@@ -50,6 +50,8 @@ export default function auth({ require = true } = {}) {
           throw httpErrors.Unauthorized('Invalid api key');
         }
 
+        if (!apiKey) throw httpErrors.Unauthorized('Invalid token');
+
         user = await User.findOne({
           where: { id: apiKey.userId },
         });