diff --git a/server/ente/errors.go b/server/ente/errors.go
index 528a92317b..effeaee252 100644
--- a/server/ente/errors.go
+++ b/server/ente/errors.go
@@ -178,6 +178,8 @@ const (
 
 	FileNotFoundInAlbum ErrorCode = "FILE_NOT_FOUND_IN_ALBUM"
 
+	AuthKeyNotCreated ErrorCode = "AUTH_KEY_NOT_CREATED"
+
 	// PublicCollectDisabled error code indicates that the user has not enabled public collect
 	PublicCollectDisabled ErrorCode = "PUBLIC_COLLECT_DISABLED"
 
diff --git a/server/pkg/controller/authenticator/controller.go b/server/pkg/controller/authenticator/controller.go
index a89b5047f0..10b59210cc 100644
--- a/server/pkg/controller/authenticator/controller.go
+++ b/server/pkg/controller/authenticator/controller.go
@@ -1,11 +1,14 @@
 package authenticaor
 
 import (
+	"errors"
+	"github.com/ente-io/museum/ente"
 	model "github.com/ente-io/museum/ente/authenticator"
 	"github.com/ente-io/museum/pkg/repo/authenticator"
 	"github.com/ente-io/museum/pkg/utils/auth"
 	"github.com/ente-io/stacktrace"
 	"github.com/google/uuid"
+	"net/http"
 
 	"github.com/gin-gonic/gin"
 )
@@ -33,6 +36,9 @@ func (c *Controller) GetKey(ctx *gin.Context) (*model.Key, error) {
 
 // CreateEntity...
 func (c *Controller) CreateEntity(ctx *gin.Context, req model.CreateEntityRequest) (*model.Entity, error) {
+	if err := c.validateKey(ctx); err != nil {
+		return nil, stacktrace.Propagate(err, "failed to validateKey")
+	}
 	userID := auth.GetUserID(ctx.Request.Header)
 	id, err := c.Repo.Create(ctx, userID, req)
 	if err != nil {
@@ -47,10 +53,27 @@ func (c *Controller) CreateEntity(ctx *gin.Context, req model.CreateEntityReques
 
 // UpdateEntity...
 func (c *Controller) UpdateEntity(ctx *gin.Context, req model.UpdateEntityRequest) error {
+	if err := c.validateKey(ctx); err != nil {
+		return stacktrace.Propagate(err, "failed to validateKey")
+	}
 	userID := auth.GetUserID(ctx.Request.Header)
+
 	return c.Repo.Update(ctx, userID, req)
 }
 
+func (c *Controller) validateKey(ctx *gin.Context) error {
+	userID := auth.GetUserID(ctx.Request.Header)
+	_, err := c.Repo.GetKey(ctx, userID)
+	if err != nil && errors.Is(err, &ente.ErrNotFoundError) {
+		return stacktrace.Propagate(&ente.ApiError{
+			Code:           ente.AuthKeyNotCreated,
+			Message:        "AuthKey is not created",
+			HttpStatusCode: http.StatusBadRequest,
+		}, "")
+	}
+	return err
+}
+
 // Delete...
 func (c *Controller) Delete(ctx *gin.Context, entityID uuid.UUID) (bool, error) {
 	userID := auth.GetUserID(ctx.Request.Header)