diff --git a/packages/backend/src/infrastructure/middleware/withSecured.ts b/packages/backend/src/infrastructure/middleware/withSecured.ts
index dca86482..d6b25e34 100644
--- a/packages/backend/src/infrastructure/middleware/withSecured.ts
+++ b/packages/backend/src/infrastructure/middleware/withSecured.ts
@@ -40,7 +40,8 @@ export function withSecured(...roles: KeycloakRole[]): RequestHandler[] {
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
     } catch (error: any) {
       if (!error.content) {
-        res.status(500).send({ error });
+        res?.status(500).send({ error });
+        return;
       }
       const typedError = error as ErrorResponse;
       const content = typedError.content;
diff --git a/packages/backend/src/infrastructure/repository/impl/KeycloakRepository.ts b/packages/backend/src/infrastructure/repository/impl/KeycloakRepository.ts
index 5d75e865..4b6f79a6 100644
--- a/packages/backend/src/infrastructure/repository/impl/KeycloakRepository.ts
+++ b/packages/backend/src/infrastructure/repository/impl/KeycloakRepository.ts
@@ -29,7 +29,7 @@ export class KeycloakDao {
 
   public async getToken(): Promise<string> {
     if (this.token && this.tokenExpiresAt && Date.now() < this.tokenExpiresAt) {
-      // return this.token;
+      return this.token;
     }
 
     const response = await axios.post(
@@ -43,7 +43,7 @@ export class KeycloakDao {
     );
 
     this.token = response.data.access_token;
-    this.tokenExpiresAt = Date.now() + response.data.expires_in * 1000 - 60000;
+    this.tokenExpiresAt = Date.now() + response.data.expires_in * 1000;
 
     return this.token;
   }
@@ -52,17 +52,17 @@ export class KeycloakDao {
     const token = await this.getToken();
     return {
       headers: {
-        Authorization: `Bearer ${token}`,
+        Authorization: `bearer ${token}`,
       },
     } satisfies AxiosRequestConfig;
   }
 
-  protected auth(): string {
+  protected auth() {
     return new URLSearchParams({
-      grant_type: "client_credentials",
       client_id: this.KEYCLOAK_ADMIN_CLI_ID,
       client_secret: this.KEYCLOAK_ADMIN_CLI_SECRET,
-    }).toString();
+      grant_type: "client_credentials",
+    });
   }
 
   protected genericEndpoint(path: string, asAdmin: boolean): string {