diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
index 433bc8a21f99e48d3451031a8c0d08348e91b90b..ab5d34c699c7336e548c0ebacc5fe342dd88d346 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
@@ -66,8 +66,9 @@ public class ApiFilter implements Filter {
             //This is a backward compatibility function to provide the ability for clients to use the
             //authorization header instead of tokens.
             if(request.getHeader("authorization") != null){
-                AuthTokenResponse res = processUsernamePasswordAuth(request.getHeader("authorization"));
+                AuthTokenResponse res = null;
                 try {
+                    res = processUsernamePasswordAuth(request.getHeader("authorization"));
                     SignedJWT token = SignedJWT.parse(res.getAccess_token());
                     request.setAttribute("username", token.getJWTClaimsSet().getSubject());
                     request.setAttribute("accessLevel",AccessLevel.valueOf(token.getJWTClaimsSet().getClaim("scope").toString()));