diff --git a/server/api/oauth2/controller/tokens/authorizationCode.js b/server/api/oauth2/controller/tokens/authorizationCode.js
index 53582c6..1f9a66b 100644
--- a/server/api/oauth2/controller/tokens/authorizationCode.js
+++ b/server/api/oauth2/controller/tokens/authorizationCode.js
@@ -7,9 +7,14 @@ module.exports = async (oauth2, client, providedCode, redirectUri) => {
 
   let code = null
 
+  if (!providedCode) {
+    throw new error.InvalidRequest('code is mandatory for authorization_code grant type')
+  }
+
   try {
     code = await oauth2.model.code.fetchByCode(providedCode)
   } catch (err) {
+    console.error(err)
     throw new error.ServerError('Failed to call code.fetchByCode function')
   }