diff --git a/api/src/auth.ts b/api/src/auth.ts
index a2991372..02698625 100644
--- a/api/src/auth.ts
+++ b/api/src/auth.ts
@@ -35,13 +35,21 @@ export const auth = new Elysia({ name: "auth" })
 			});
 		}
 
-		// @ts-expect-error ts can't understand that there's two overload idk why
-		const { payload } = await jwtVerify(bearer, jwtSecret ?? jwks, {
-			issuer: process.env.JWT_ISSUER,
-		});
-		const jwt = validator.Decode(payload);
+		try {
+			// @ts-expect-error ts can't understand that there's two overload idk why
+			const { payload } = await jwtVerify(bearer, jwtSecret ?? jwks, {
+				issuer: process.env.JWT_ISSUER,
+			});
+			const jwt = validator.Decode(payload);
 
-		return { jwt };
+			return { jwt };
+		} catch (err) {
+			return error(403, {
+				status: 403,
+				message: "Invalid jwt. Verification vailed",
+				details: err,
+			});
+		}
 	})
 	.macro({
 		permissions(perms: string[]) {
diff --git a/api/src/db/utils.ts b/api/src/db/utils.ts
index 2f1e6689..c5ac3e2f 100644
--- a/api/src/db/utils.ts
+++ b/api/src/db/utils.ts
@@ -1,5 +1,5 @@
 import {
-    Column,
+	type Column,
 	type ColumnsSelection,
 	type SQL,
 	type SQLWrapper,
diff --git a/auth/jwt.go b/auth/jwt.go
index 41d43d29..c854da19 100644
--- a/auth/jwt.go
+++ b/auth/jwt.go
@@ -58,8 +58,8 @@ func (h *Handler) createGuestJwt() *string {
 
 	claims := maps.Clone(h.config.GuestClaims)
 	claims["username"] = "guest"
-	claims["sub"] = "guest"
-	claims["sid"] = "guest"
+	claims["sub"] = "00000000-0000-0000-0000-000000000000"
+	claims["sid"] = "00000000-0000-0000-0000-000000000000"
 	claims["iss"] = h.config.PublicUrl
 	claims["iat"] = &jwt.NumericDate{
 		Time: time.Now().UTC(),