diff --git a/src/auth/auth.service.spec.ts b/src/auth/auth.service.spec.ts
index 9e10f418a..4240afb4e 100644
--- a/src/auth/auth.service.spec.ts
+++ b/src/auth/auth.service.spec.ts
@@ -168,6 +168,12 @@ describe('AuthService', () => {
       );
       await service.setLastUsedToken(authToken.keyId);
     });
+    it('throws if the token is not in the database', async () => {
+      jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce(undefined);
+      await expect(service.setLastUsedToken(authToken.keyId)).rejects.toThrow(
+        NotInDBError,
+      );
+    });
   });
 
   describe('validateToken', () => {
@@ -227,6 +233,12 @@ describe('AuthService', () => {
       );
       await service.removeToken(authToken.keyId);
     });
+    it('throws if the token is not in the database', async () => {
+      jest.spyOn(authTokenRepo, 'findOne').mockResolvedValueOnce(undefined);
+      await expect(service.removeToken(authToken.keyId)).rejects.toThrow(
+        NotInDBError,
+      );
+    });
   });
 
   describe('createTokenForUser', () => {
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index 90fe642a7..d81a8d5c5 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -127,6 +127,9 @@ export class AuthService {
     const accessToken = await this.authTokenRepository.findOne({
       where: { keyId: keyId },
     });
+    if (accessToken === undefined) {
+      throw new NotInDBError(`AuthToken for key '${keyId}' not found`);
+    }
     accessToken.lastUsed = new Date();
     await this.authTokenRepository.save(accessToken);
   }
@@ -170,6 +173,9 @@ export class AuthService {
     const token = await this.authTokenRepository.findOne({
       where: { keyId: keyId },
     });
+    if (token === undefined) {
+      throw new NotInDBError(`AuthToken for key '${keyId}' not found`);
+    }
     await this.authTokenRepository.remove(token);
   }