diff --git a/lib/guardian/db/token.ex b/lib/guardian/db/token.ex
index 6bed6da..6dc6f58 100644
--- a/lib/guardian/db/token.ex
+++ b/lib/guardian/db/token.ex
@@ -10,6 +10,7 @@ defmodule Guardian.DB.Token do
   alias Guardian.DB.Token
 
   @primary_key {:jti, :string, autogenerate: false}
+  @required_fields ~w(jti aud)a
   @allowed_fields ~w(jti typ aud iss sub exp jwt claims)a
 
   schema "virtual: token" do
@@ -52,6 +53,7 @@ defmodule Guardian.DB.Token do
     |> Ecto.put_meta(source: schema_name())
     |> Ecto.put_meta(prefix: prefix())
     |> cast(prepared_claims, @allowed_fields)
+    |> validate_required(@required_fields)
     |> Guardian.DB.repo().insert()
   end
 
diff --git a/test/guardian/db_fail_test.exs b/test/guardian/db_fail_test.exs
new file mode 100644
index 0000000..49f9b80
--- /dev/null
+++ b/test/guardian/db_fail_test.exs
@@ -0,0 +1,15 @@
+defmodule Guardian.DBFailTest do
+  alias Guardian.DB.Token
+  use Guardian.DB.TestSupport.CaseTemplate
+
+  test "after_encode_and_sign_in is fails", context do
+    token = get_token()
+    assert token == nil
+
+    {:error, :token_storage_failure} =
+      Guardian.DB.after_encode_and_sign(%{}, "token", %{}, "The JWT")
+
+    token = get_token()
+    assert token == nil
+  end
+end