diff --git a/src/helpers/http/jwt/decode/index.ts b/src/helpers/http/jwt/decode/index.ts
index caed720..36aee54 100644
--- a/src/helpers/http/jwt/decode/index.ts
+++ b/src/helpers/http/jwt/decode/index.ts
@@ -9,7 +9,7 @@ export const jwtDecode = (payload: string) => {
   try {
     const decodedPayload = jwt.verify(payload, JWTKey);
     return decodedPayload as JWTAuthToken;
-  } catch (error) {
-    throw new AppError(401, "Invalid or expired token", error);
+  } catch {
+    throw new AppError(403, "Invalid or expired token");
   }
 };
diff --git a/src/modules/auth/services/http/tokenValidation.service.ts b/src/modules/auth/services/http/tokenValidation.service.ts
index 602748c..6bf5b4a 100644
--- a/src/modules/auth/services/http/tokenValidation.service.ts
+++ b/src/modules/auth/services/http/tokenValidation.service.ts
@@ -1,9 +1,11 @@
+import { AppError } from "../../../../helpers/error/instances/app";
 import { ErrorForwarder } from "../../../../helpers/error/instances/forwarder";
 import { jwtDecode } from "../../../../helpers/http/jwt/decode";
 
 export const tokenValidationService = (payload: string) => {
   try {
-    if (!payload) return null;
+    if (!payload || payload.trim() === "")
+      throw new AppError(401, "Unauthorized: No token provided");
     const decoded = jwtDecode(payload);
     return decoded;
   } catch (error) {