diff --git a/src/main/java/me/pinitgateway/security/SecurityConfig.java b/src/main/java/me/pinitgateway/security/SecurityConfig.java
index 559e3db..5801e82 100644
--- a/src/main/java/me/pinitgateway/security/SecurityConfig.java
+++ b/src/main/java/me/pinitgateway/security/SecurityConfig.java
@@ -3,6 +3,7 @@
 import me.pinitgateway.jwt.JwtAuthenticationFilter;
 import me.pinitgateway.jwt.JwtTokenProvider;
 import me.pinitgateway.jwt.RsaKeyProvider;
+import org.springframework.http.HttpStatus;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -14,6 +15,7 @@
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
 import org.springframework.security.web.server.context.NoOpServerSecurityContextRepository;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
@@ -94,6 +96,8 @@ private ServerHttpSecurity applyCommon(ServerHttpSecurity http) {
 .csrf(ServerHttpSecurity.CsrfSpec::disable)
 .httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
 .formLogin(ServerHttpSecurity.FormLoginSpec::disable)
+ .exceptionHandling(spec -> spec
+ .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED)))
 .securityContextRepository(NoOpServerSecurityContextRepository.getInstance());
 }
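Review bot: The entry point added in applyCommon answers unauthenticated requests with a bare 401, because `HttpStatusServerEntryPoint` only sets the status code and writes no `WWW-Authenticate` header. RFC 9110 requires a challenge on every 401, and for a JWT gateway that would be `Bearer`; some HTTP clients use the header to decide whether and how to retry. A small lambda entry point that sets both the status and the header covers it (it needs the `org.springframework.http.HttpHeaders` import, and `HttpStatusServerEntryPoint` would then be unused). Whether token failures raised inside `JwtAuthenticationFilter` are routed through this entry point cannot be seen from the hunk, whose method body starts above it, so that path is worth checking for the same response shape.

```java
.formLogin(ServerHttpSecurity.FormLoginSpec::disable)
.exceptionHandling(spec -> spec
        .authenticationEntryPoint((exchange, ex) -> {
            // 401 plus a Bearer challenge, so clients learn which scheme to present
            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
            exchange.getResponse().getHeaders().set(HttpHeaders.WWW_AUTHENTICATE, "Bearer");
            return exchange.getResponse().setComplete();
        }))
// … unchanged: securityContextRepository call …
```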