diff --git a/neon_hana/auth/client_manager.py b/neon_hana/auth/client_manager.py
index 77c84f3..7a5f7b1 100644
--- a/neon_hana/auth/client_manager.py
+++ b/neon_hana/auth/client_manager.py
@@ -272,9 +272,9 @@ def check_refresh_request(self, access_token: Optional[str],
 except ExpiredSignatureError:
 raise HTTPException(status_code=401,
 detail="Refresh token is expired")
- # if refresh_data.jti != token_data.jti + ".refresh":
- # raise HTTPException(status_code=403,
- # detail="Refresh and access token mismatch")
+ if refresh_data.jti != token_data.jti + ".refresh":
+ raise HTTPException(status_code=403,
+ detail="Refresh and access token mismatch")
 if time() > refresh_data.exp:
 raise HTTPException(status_code=401,
 detail="Refresh token is expired")
diff --git a/tests/test_auth.py b/tests/test_auth.py
index c6e5139..b5270d1 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -127,8 +127,8 @@ def test_check_refresh_request(self):
 # Test valid refresh
 valid_refresh = self.client_manager.check_refresh_request(
- access, refresh, config.client_id)
- self.assertEqual(valid_refresh.client_id, config.client_id)
+ access, refresh, config['access'].client_id)
+ self.assertEqual(valid_refresh.client_id, config['access'].client_id)
 self.assertNotEqual(valid_refresh.access_token, access)
 self.assertNotEqual(valid_refresh.refresh_token, refresh)
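Review bot: The re-enabled `refresh_data.jti != token_data.jti + ".refresh"` check only binds the two tokens if `token_data` comes from a signature-verified decode of `access_token`. That decode is not visible here, because check_refresh_request starts and ends outside this hunk, so it should be confirmed; an access token is usually expired at refresh time, and only the expiry check should be relaxed for it, not the signature check. If `token_data.jti` can be missing or `None` (for example on tokens issued before the field existed), the concatenation raises `TypeError` and the caller gets a 500 instead of the intended 403. A guard such as `if not token_data.jti or refresh_data.jti != f"{token_data.jti}.refresh":` keeps the rejection explicit. A short comment above the check, e.g. `# Reject refresh tokens that were not issued together with this access token`, would record why it must not be commented out again.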
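Review bot: The mismatch rejection that this commit switches back on has no negative test in the visible lines of test_check_refresh_request; the changed assertions cover only the valid-refresh path. The test method continues outside this hunk, so a mismatch case may already exist there. If it does not, add one that obtains two independent token pairs, passes the access token of one with the refresh token of the other, and asserts inside `with self.assertRaises(HTTPException) as ctx:` that `ctx.exception.status_code == 403`. Without it, the check could be disabled again without any test failing.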