diff --git a/lib/sso_bsn_web/controllers/user_session_controller.ex b/lib/sso_bsn_web/controllers/user_session_controller.ex
index b4a81a1..a9d16e2 100644
--- a/lib/sso_bsn_web/controllers/user_session_controller.ex
+++ b/lib/sso_bsn_web/controllers/user_session_controller.ex
@@ -24,12 +24,17 @@ defmodule SsoBsnWeb.UserSessionController do
 end
 def check_auth(conn, _params) do
- user = conn.assigns[:current_user]
- conn
- |> put_resp_header("X-Auth-Username", user.username)
- |> json(%{
- username: user.username
- })
+ if user = conn.assigns[:current_user] do
+ conn
+ |> put_resp_header("X-Auth-Username", user.username)
+ |> json(%{
+ username: user.username
+ })
+ else
+ conn
+ |> put_status(:unauthorized)
+ |> text("Unauthorized")
+ end
 end
 def redirect_next(conn, %{ "next" => next }) do
diff --git a/lib/sso_bsn_web/router.ex b/lib/sso_bsn_web/router.ex
index a094818..5525c5d 100644
--- a/lib/sso_bsn_web/router.ex
+++ b/lib/sso_bsn_web/router.ex
@@ -75,7 +75,7 @@ defmodule SsoBsnWeb.Router do
 end
 scope "/", SsoBsnWeb do
- pipe_through [:api, :fetch_session, :fetch_current_user, :require_authenticated_user]
+ pipe_through [:api, :fetch_session, :fetch_current_user]
 get "/whoami", UserSessionController, :check_auth
 end
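Review bot: The authenticated branch of `check_auth` still passes a mixed-case key to `put_resp_header`, which Plug documents as something to avoid: the test adapter raises `Plug.Conn.InvalidHeaderError` for non-lowercase keys, and mixed-case response headers are not valid over HTTP/2. I would write `|> put_resp_header("x-auth-username", user.username)`; header names are case-insensitive, so a proxy reading the header should not be affected. Since this function is now the only place that decides between identity and 401, it also deserves a short `@doc` saying that it returns the session user's username in both the header and the JSON body, and answers 401 with a plain-text body when `conn.assigns[:current_user]` is nil. A controller test for the no-session case would pin that contract.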
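Review bot: Dropping `:require_authenticated_user` from this `pipe_through` means the router no longer enforces authentication for the scope, so the nil check inside `check_auth` is the only guard and any route added here later would be reachable anonymously. If the plug was removed because it redirects to the login page rather than answering 401 (inferred, its body is not on this page), the safer shape is a small API-specific plug that halts with 401, which keeps enforcement in the pipeline. At minimum, add a comment above the line such as `# No :require_authenticated_user: check_auth answers 401 itself. Do not add other routes to this scope.` so the missing guard reads as deliberate.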