diff --git a/internal/server/util/http.go b/internal/server/util/http.go
index 8f1bb6989e1..4ef1e265417 100644
--- a/internal/server/util/http.go
+++ b/internal/server/util/http.go
@@ -319,6 +319,16 @@ func CheckJwtToken(r *http.Request, trustedCerts map[string]x509.Certificate) (b
 return false, "", nil
 }

+ // Make sure this isn't an OIDC JWT.
+ issuer, err := token.Claims.GetIssuer()
+ if err != nil {
+ return false, "", nil
+ }
+
+ if issuer != "" {
+ return false, "", nil
+ }
+
 // Check if the token is valid.
 notBefore, err := token.Claims.GetNotBefore()
 if err != nil {
@@ -330,7 +340,7 @@ func CheckJwtToken(r *http.Request, trustedCerts map[string]x509.Certificate) (b
 return false, "", nil
 }

- if time.Now().Before(notBefore.Time) || time.Now().After(expiresAt.Time) {
+ if (notBefore != nil && time.Now().Before(notBefore.Time)) || (expiresAt != nil && time.Now().After(expiresAt.Time)) {
 return false, "", nil
 }
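Review bot: The issuer guard added in the first hunk rejects any token with a non-empty `iss`, but the comment `// Make sure this isn't an OIDC JWT.` does not state the invariant it relies on, presumably that tokens signed by a trusted client certificate never carry an issuer. I would expand it to something like `// Certificate-signed tokens never set "iss"; a token that names an issuer belongs to another scheme (e.g. OIDC) and must not be accepted on this path.` so that a later change which starts setting `iss` on local tokens is caught in review. The rejection returns the same `false, "", nil` as every other failure, so a debug-level log line here would help operators tell a misrouted OIDC token from a bad signature. CheckJwtToken starts and ends outside the hunk, so whether this check runs before or after signature verification is not visible here.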
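Review bot: The rewritten time check in the second hunk fails open when a claim is absent: with `expiresAt == nil` the second operand is false, so a token that carries no `exp` passes this check and, as far as the hunk shows, never expires. The nil guards are right for avoiding the dereference, but for a bearer credential a missing expiry should be a rejection, e.g. `if expiresAt == nil || time.Now().After(expiresAt.Time) || (notBefore != nil && time.Now().Before(notBefore.Time)) {`. If the parser is already configured to require `exp` (not visible here), a short comment saying so would make the optional handling safe to read. The function continues past the end of the hunk.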