diff --git a/internal/command/user_human_refresh_token.go b/internal/command/user_human_refresh_token.go
index 5416cc76d0..9449221dc7 100644
--- a/internal/command/user_human_refresh_token.go
+++ b/internal/command/user_human_refresh_token.go
@@ -147,7 +147,7 @@ func (c *Commands) renewRefreshToken(ctx context.Context, userID, orgID, refresh
 
 	tokenUserID, tokenID, token, err := domain.FromRefreshToken(refreshToken, c.keyAlgorithm)
 	if err != nil {
-		return nil, "", "", zerrors.ThrowInvalidArgument(err, "COMMAND-Dbfe4", "Errors.User.RefreshToken.Invalid")
+		return nil, "", "", err
 	}
 	if tokenUserID != userID {
 		return nil, "", "", zerrors.ThrowInvalidArgument(nil, "COMMAND-Ht2g2", "Errors.User.RefreshToken.Invalid")
diff --git a/internal/domain/refresh_token.go b/internal/domain/refresh_token.go
index 31f342c35f..3bd6aed2f4 100644
--- a/internal/domain/refresh_token.go
+++ b/internal/domain/refresh_token.go
@@ -31,7 +31,7 @@ func FromRefreshToken(refreshToken string, algorithm crypto.EncryptionAlgorithm)
 	}
 	split := strings.Split(string(decrypted), ":")
 	if len(split) != 3 {
-		return "", "", "", zerrors.ThrowInternal(nil, "DOMAIN-BGDhn", "Errors.User.RefreshToken.Invalid")
+		return "", "", "", zerrors.ThrowInvalidArgument(nil, "DOMAIN-BGDhn", "Errors.User.RefreshToken.Invalid")
 	}
 	return split[0], split[1], split[2], nil
 }