diff --git a/lib/ontologies_linked_data/security/authorization.rb b/lib/ontologies_linked_data/security/authorization.rb
index e64fe9f9..7e246326 100644
--- a/lib/ontologies_linked_data/security/authorization.rb
+++ b/lib/ontologies_linked_data/security/authorization.rb
@@ -78,6 +78,8 @@ def find_apikey(env, params)
 apikey = params["apikey"]
 elsif apikey.nil? && header_auth
 token = Rack::Utils.parse_query(header_auth.split(" ")[1])
+ return unless token["token"]
+
 # Strip spaces from start and end of string
 apikey = token["token"].gsub(/\"/, "")
 # If the user apikey is passed, use that instead
diff --git a/test/rack/test_request_authorization.rb b/test/rack/test_request_authorization.rb
index 0852a4c1..c57cebc5 100644
--- a/test/rack/test_request_authorization.rb
+++ b/test/rack/test_request_authorization.rb
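Review bot: The new `return unless token["token"]` guard only covers a missing `token` key; `Rack::Utils.parse_query` yields an Array for a repeated key (`token=a&token=b`), so the `.gsub` on the following line would still raise `NoMethodError` on that input and presumably surface as a server error rather than the 401 an unauthenticated caller should get, and an empty value (`token=`) is passed on as an empty-string apikey. A tighter guard handles both: `return unless token["token"].is_a?(String) && !token["token"].empty?`. The context comment `# Strip spaces from start and end of string` does not describe the `gsub(/\"/, "")` beneath it, which removes double quotes, so `# Remove the double quotes some clients wrap the token value in` would be accurate. `find_apikey` starts before and continues past this hunk.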
@@ -60,31 +60,32 @@ def _delete_user
 def test_authorize
 get "/ontologies"
- assert last_response.status == 401
+ assert_equal 401, last_response.status
+ get "/ontologies", {}, {"Authorization" => "bogus auth header"}
+ assert_equal 401, last_response.status
 get "/ontologies", {}, {"Authorization" => 'apikey token="'+@apikey+''+'"'}
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
 assert @apikey.eql?(apikey)
 get "/ontologies", {}, {"Authorization" => "apikey token=#{@apikey}"}
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
- assert @apikey.eql?(apikey)
+ assert_equal @apikey, apikey
 get "/ontologies?apikey=#{@apikey}"
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
- assert @apikey.eql?(apikey)
+ assert_equal @apikey, apikey
 get "/ontologies", {}, {"Authorization" => 'apikey token="'+@apikey+'&userapikey='+@userapikey+'"'}
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
- assert @userapikey.eql?(apikey)
+ assert_equal @userapikey, apikey
 get "/ontologies", {}, {"Authorization" => "apikey token=#{@apikey}&userapikey=#{@userapikey}"}
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
- assert @userapikey.eql?(apikey)
+ assert_equal @userapikey, apikey
 get "/ontologies?apikey=#{@apikey}&userapikey=#{@userapikey}"
- assert last_response.status == 200
+ assert_equal 200, last_response.status
 apikey = MultiJson.load(last_response.body)
- assert @userapikey.eql?(apikey)
+ assert_equal @userapikey, apikey
 end
- end
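Review bot: The added negative case only exercises a header whose second field carries no `token=` key, so the edge cases the new guard in `find_apikey` is meant to catch remain unpinned. Two more 401 assertions would cover them: `get "/ontologies", {}, {"Authorization" => "apikey"}` (no token field at all, so `split(" ")[1]` is nil) and `get "/ontologies", {}, {"Authorization" => "apikey token="}` (empty value); the expected status for the empty-value case depends on how the caller of `find_apikey` treats an empty apikey, which is outside this diff, so confirm before asserting. The first `assert @apikey.eql?(apikey)` after the initial 200 check was left in the old form while every sibling was converted to `assert_equal @apikey, apikey`.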