diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
index 7a77354fa..a6bc8e94e 100644
--- a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
@@ -146,7 +146,7 @@ function authenticateUserToken(req) {
                 } else {
                     reject();
                 }
-            });
+            }).catch(reject);
         } else {
             reject();
         }
@@ -163,6 +163,7 @@ TokensStrategy.prototype.authenticate = function(req) {
     authenticateUserToken(req).then(user => {
         this.success(user,{scope:user.permissions});
     }).catch(err => {
+        log.trace("token authentication failure: "+err.stack)
         this.fail(401);
     });
 }
diff --git a/packages/node_modules/@node-red/editor-api/lib/index.js b/packages/node_modules/@node-red/editor-api/lib/index.js
index 258e6e514..56f52a222 100644
--- a/packages/node_modules/@node-red/editor-api/lib/index.js
+++ b/packages/node_modules/@node-red/editor-api/lib/index.js
@@ -90,6 +90,8 @@ function init(settings,_server,storage,runtimeAPI) {
                     auth.getToken,
                     auth.errorHandler
                 );
+            } else if (settings.adminAuth.tokens) {
+                adminApp.use(passport.initialize());
             }
             adminApp.post("/auth/revoke",auth.needsPermission(""),auth.revoke,apiUtil.errorHandler);
         }