diff --git a/sso.js b/sso.js
index abff4fe..eca0d34 100644
--- a/sso.js
+++ b/sso.js
@@ -85,6 +85,12 @@ app.post("/api/v1/sso/kcauth", async (req, res) => {
 
     const cookies = req.cookies;
     const tokenSSO = cookies[cookieName];
+
+    if (!tokenSSO) {
+      res.status(401).send("Unauthorized");
+      return;
+    }
+
     const oldssotoken = cookies['oldssotoken'];
 
     if (tokenSSO !== oldssotoken) {