diff --git a/internal/actions/object/auth_request.go b/internal/actions/object/auth_request.go
index 7d4d869af1..93d842f98f 100644
--- a/internal/actions/object/auth_request.go
+++ b/internal/actions/object/auth_request.go
@@ -18,6 +18,9 @@ func AuthRequestField(authRequest *domain.AuthRequest) func(c *actions.FieldConf
 }
 
 func AuthRequestFromDomain(c *actions.FieldConfig, request *domain.AuthRequest) goja.Value {
+	if request == nil {
+		return c.Runtime.ToValue(nil)
+	}
 	var maxAuthAge *time.Duration
 	if request.MaxAuthAge != nil {
 		maxAuthAgeCopy := *request.MaxAuthAge
diff --git a/internal/api/ui/login/external_provider_handler.go b/internal/api/ui/login/external_provider_handler.go
index 09c506e825..81d7fac2ce 100644
--- a/internal/api/ui/login/external_provider_handler.go
+++ b/internal/api/ui/login/external_provider_handler.go
@@ -634,6 +634,10 @@ func (l *Login) autoCreateExternalUser(w http.ResponseWriter, r *http.Request, a
 // renderExternalNotFoundOption renders a page, where the user is able to edit the IDP data,
 // create a new externalUser of link to existing on (based on the IDP template)
 func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, orgIAMPolicy *query.DomainPolicy, human *domain.Human, idpLink *domain.UserIDPLink, err error) {
+	if authReq == nil {
+		l.renderError(w, r, nil, err)
+		return
+	}
 	resourceOwner := determineResourceOwner(r.Context(), authReq)
 	if orgIAMPolicy == nil {
 		orgIAMPolicy, err = l.getOrgDomainPolicy(r, resourceOwner)