diff --git a/lnbits/decorators.py b/lnbits/decorators.py
index 6685cfb2d..090c11c51 100644
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@@ -199,7 +199,13 @@ async def require_invoice_key(
 api_key_header: str = Security(api_key_header), # type: ignore
 api_key_query: str = Security(api_key_query), # type: ignore
 ):
- token = api_key_header if api_key_header else api_key_query
+ token = api_key_header or api_key_query
+
+ if token is None:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Invoice (or Admin) key required.",
+ )
 wallet = await get_key_type(r, token)
diff --git a/tests/core/views/test_api.py b/tests/core/views/test_api.py
index 501379b8f..219762d3c 100644
--- a/tests/core/views/test_api.py
+++ b/tests/core/views/test_api.py
@@ -45,6 +45,13 @@ async def test_get_wallet_adminkey(client, adminkey_headers_to):
 assert "id" in result
+# check POST /api/v1/payments: empty request
+@pytest.mark.asyncio
+async def test_post_empty_request(client):
+ response = await client.post("/api/v1/payments")
+ assert response.status_code == 401
+
+
 # check POST /api/v1/payments: invoice creation
 @pytest.mark.asyncio
 async def test_create_invoice(client, inkey_headers_to):
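Review bot: The new guard in `require_invoice_key` tests `token is None`, so an empty-string key would still be handed to `get_key_type(r, token)`. Whether the two `Security(...)` dependencies can ever yield `""` is not visible in this hunk, so `if not token:` is the safer form and rejects both cases. A short comment above the check, such as `# Reject requests that carry no key before any wallet lookup is attempted`, would record why it sits ahead of the lookup. If other key-checking dependencies in this file use the same header-or-query fallback they probably need the same guard, which cannot be confirmed from here. The function's signature starts above the hunk and its body continues below it.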
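Review bot: `test_post_empty_request` asserts only the 401 status, so it would also pass if the rejection came from some other layer than the guard added in `require_invoice_key`. Asserting the body as well, e.g. `assert response.json()["detail"] == "Invoice (or Admin) key required."`, ties the test to this change. The case covered is a request with no key at all; a second case that sends the key header or query parameter with an empty value would pin the behaviour for blank keys. The comment `# check POST /api/v1/payments: empty request` would read more precisely as `# check POST /api/v1/payments: request without an API key`.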