diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
index 3a37aa151bf97c6b4fafda188e7dd94e56b269b2..5071d9b4aa05af0c31c68ce2c7a6d72a01ea1bf3 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java
@@ -57,11 +57,11 @@ public class ApiFilter implements Filter {
                     JWSVerifier jwsVerifier = new RSASSAVerifier(userAuthenticationModule.getAuthModulePubKey());
                     signedJWT = SignedJWT.parse(request.getHeader("Bearer"));
                     if(signedJWT.verify(jwsVerifier) && verifyValidity(signedJWT)){
-                        //TODO: Push this to the client because we know the password was one-time
-                        signedJWT.getJWTClaimsSet().getClaim("oneTimePassword");
-
                         authsuccess = true;
                         request.setAttribute("username",signedJWT.getJWTClaimsSet().getSubject());
+                        if(signedJWT.getJWTClaimsSet().getClaim("oneTimePassword"){
+                            //TODO: use redirect to enforce the /changepassword url or something.
+                        }
                     }
                 } catch (Exception e) {
                     log.info("Received an invalid token, declining access...");
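Review bot: The added condition `if(signedJWT.getJWTClaimsSet().getClaim("oneTimePassword"){` is missing a closing parenthesis, and `getClaim` returns `Object` rather than a boolean, so it will not compile as written. A null-safe form would be `if (Boolean.TRUE.equals(signedJWT.getJWTClaimsSet().getClaim("oneTimePassword"))) {`. The branch body is only a TODO and `authsuccess = true` is set before it, so a token issued from a one-time password still gets the same API access as a normal one. Until the redirect exists, the filter should refuse such tokens for every request except the password-change endpoint the TODO refers to, so that the forced reset cannot be skipped by a client that ignores it. The enclosing method starts and ends outside this hunk, so how `authsuccess` is used afterwards is not visible here.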