diff --git a/authorize/grpc.go b/authorize/grpc.go
index fa1a70e90..490725fee 100644
--- a/authorize/grpc.go
+++ b/authorize/grpc.go
@@ -27,6 +27,9 @@ func (a *Authorize) IsAuthorized(ctx context.Context, in *authorize.IsAuthorized
 		URL:        getFullURL(in.GetRequestUrl(), in.GetRequestHost()),
 	}
 	reply, err := a.pe.IsAuthorized(ctx, req)
+	if err != nil {
+		return nil, err
+	}
 	log.Info().
 		// request
 		Str("method", req.Method).
@@ -38,7 +41,7 @@ func (a *Authorize) IsAuthorized(ctx context.Context, in *authorize.IsAuthorized
 		Str("email", reply.Email).
 		Strs("groups", reply.Groups).
 		Msg("authorize.grpc.IsAuthorized")
-	return reply, err
+	return reply, nil
 }
 
 type protoHeader map[string]*authorize.IsAuthorizedRequest_Headers
diff --git a/authorize/grpc_test.go b/authorize/grpc_test.go
index c4a765957..f53628eb4 100644
--- a/authorize/grpc_test.go
+++ b/authorize/grpc_test.go
@@ -23,7 +23,7 @@ func TestAuthorize_IsAuthorized(t *testing.T) {
 		wantErr bool
 	}{
 		{"good", &authorize.IsAuthorizedReply{}, nil, context.TODO(), &authorize.IsAuthorizedRequest{UserToken: "good"}, &authorize.IsAuthorizedReply{}, false},
-		{"error", &authorize.IsAuthorizedReply{}, errors.New("error"), context.TODO(), &authorize.IsAuthorizedRequest{UserToken: "good"}, &authorize.IsAuthorizedReply{}, true},
+		{"error", &authorize.IsAuthorizedReply{}, errors.New("error"), context.TODO(), &authorize.IsAuthorizedRequest{UserToken: "good"}, nil, true},
 		{"headers", &authorize.IsAuthorizedReply{}, nil, context.TODO(), &authorize.IsAuthorizedRequest{UserToken: "good", RequestHeaders: nil}, &authorize.IsAuthorizedReply{}, false},
 	}
 	for _, tt := range tests {