diff --git a/authentik/api/auth.py b/authentik/api/auth.py
index a2f36c208..f0baa6ed8 100644
--- a/authentik/api/auth.py
+++ b/authentik/api/auth.py
@@ -15,6 +15,8 @@ LOGGER = get_logger()
 def token_from_header(raw_header: bytes) -> Optional[Token]:
     """raw_header in the Format of `Basic dGVzdDp0ZXN0`"""
     auth_credentials = raw_header.decode()
+    if auth_credentials == "":
+        return None
     # Legacy, accept basic auth thats fully encoded (2021.3 outposts)
     if " " not in auth_credentials:
         try: