diff --git a/src/auth.py b/src/auth.py
index 0371811..f60e259 100644
--- a/src/auth.py
+++ b/src/auth.py
@@ -6,7 +6,7 @@ from fastapi import Depends, HTTPException, status
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from config import get_jwt_secret, JWT_ALGORITHM, JWT_EXPIRE_HOURS, TIMEZONE
 
-security = HTTPBearer()
+security = HTTPBearer(auto_error=False)
 
 
 JWT_ISSUER = "intelsight-osint"
@@ -63,6 +63,11 @@ async def get_current_user(
     credentials: HTTPAuthorizationCredentials = Depends(security),
 ) -> dict:
     """FastAPI Dependency: Aktuellen Nutzer aus Token extrahieren."""
+    if credentials is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Nicht authentifiziert",
+        )
     payload = decode_token(credentials.credentials)
     return {
         "id": int(payload["sub"]),