diff --git a/app/Http/Controllers/ClientPortal/InvitationController.php b/app/Http/Controllers/ClientPortal/InvitationController.php
index 42114b2a77c5..baa95d7aa9c3 100644
--- a/app/Http/Controllers/ClientPortal/InvitationController.php
+++ b/app/Http/Controllers/ClientPortal/InvitationController.php
@@ -32,8 +32,8 @@ class InvitationController extends Controller
 public function invoiceRouter(string $invitation_key) {
- $invitation = InvoiceInvitation::whereInvitationKey($invitation_key)->first();
-// $invitation = InvoiceInvitation::whereRaw("BINARY `invitation_key`= ?", [$invitation_key])->first();
+// $invitation = InvoiceInvitation::whereInvitationKey($invitation_key)->first();
+ $invitation = InvoiceInvitation::whereRaw("BINARY `invitation_key`= ?", [$invitation_key])->first();
 if($invitation){ $invitation->markViewed();
diff --git a/app/Http/Middleware/ApiSecretCheck.php b/app/Http/Middleware/ApiSecretCheck.php
index 38e195981e93..d7f1448a9385 100644
--- a/app/Http/Middleware/ApiSecretCheck.php
+++ b/app/Http/Middleware/ApiSecretCheck.php
@@ -30,8 +30,10 @@ class ApiSecretCheck
 return $next($request); else {
- $error['error'] = ['message' => 'Invalid secret'];
-
+ $error = [
+ 'message' => 'Invalid secret',
+ 'errors' => []
+ ];
 return response() ->json(json_encode($error, JSON_PRETTY_PRINT) ,403) ->header('X-App-Version', config('ninja.app_version'))
diff --git a/app/Http/Middleware/ContactSetDb.php b/app/Http/Middleware/ContactSetDb.php
index 919df54712d1..881510e60910 100644
--- a/app/Http/Middleware/ContactSetDb.php
+++ b/app/Http/Middleware/ContactSetDb.php
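Review bot: In `invoiceRouter` (InvitationController) the superseded `whereInvitationKey` lookup is left behind as a commented-out line, and nothing explains why the raw `BINARY` comparison replaces it. I would delete the dead line and add a comment such as `// BINARY forces a byte-wise, case-sensitive match on invitation_key; the value is bound, not interpolated`. Two things to confirm: `BINARY` is MySQL syntax, so the query will presumably not run on another driver, and casting the column rather than the parameter can keep MySQL from using an index on `invitation_key`. The method body continues past the hunk.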
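Review bot: In ApiSecretCheck the new `$error` array is still run through `json_encode()` before `response()->json()`, which encodes its argument again, so the client presumably receives a JSON string holding escaped JSON rather than an object with `message` and `errors` keys. Passing the array directly, `->json($error, 403)`, would deliver the shape this commit introduces. The same pattern is kept in every return of the ContactTokenAuth and TokenAuth hunks.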
@@ -28,7 +28,11 @@ class ContactSetDb public function handle($request, Closure $next) { - $error['error'] = ['message' => 'Database could not be set']; + + $error = [ + 'message' => 'Invalid Token', + 'errors' => [] + ]; // we must have a token passed, that matched a token in the db, and multiDB is enabled. // todo i don't think we can call the DB prior to setting it???? i think this if statement needs to be rethought diff --git a/app/Http/Middleware/ContactTokenAuth.php b/app/Http/Middleware/ContactTokenAuth.php index 66a856da7857..5291566f1f0e 100644 --- a/app/Http/Middleware/ContactTokenAuth.php +++ b/app/Http/Middleware/ContactTokenAuth.php @@ -32,14 +32,24 @@ class ContactTokenAuth if( $request->header('X-API-TOKEN') && ($client_contact = ClientContact::with(['company'])->whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first() ) ) { + $error = [ + 'message' => 'Authentication disabled for user.', + 'errors' => [] + ]; + //client_contact who once existed, but has been soft deleted if(!$client_contact) - return response()->json(json_encode(['message' => 'Authentication disabled for user.'], JSON_PRETTY_PRINT) ,403); + return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403); + $error = [ + 'message' => 'Access is locked.', + 'errors' => [] + ]; + //client_contact who has been disabled if($client_contact->is_locked) - return response()->json(json_encode(['message' => 'Access is locked.'], JSON_PRETTY_PRINT) ,403); + return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403); //stateless, don't remember the contact. auth()->guard('contact')->login($client_contact, false); @@ -49,7 +59,12 @@ class ContactTokenAuth } else { - return response()->json(json_encode(['message' => 'Invalid token'], JSON_PRETTY_PRINT) ,403); + $error = [ + 'message' => 'Invalid token', + 'errors' => [] + ]; + + return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403); } return $next($request); 
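Review bot: In ContactSetDb's `handle()` the message is spelled `'Invalid Token'`, as it is in SetDb, while SetDomainNameDb, ContactTokenAuth and TokenAuth use `'Invalid token'`, and the same two-key array literal is now written out in each middleware. A client that matches on the message text will see two variants of the same failure. One spelling, or a small shared helper that builds the `['message' => ..., 'errors' => []]` payload, would keep them aligned. The code that returns `$error` is outside the hunk.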
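Review bot: In the first ContactTokenAuth hunk the `if(!$client_contact)` guard cannot fire: the enclosing `if` only enters the block when the `$client_contact = ...->first()` assignment is truthy, so the new 'Authentication disabled for user.' payload is built on every request and never returned. If soft-deleted contacts are meant to get a distinct answer, the lookup would have to include them (for example `withTrashed()`, assuming the model uses soft deletes); otherwise drop the guard and its `$error`. Separately, 'Access is locked.' and 'Invalid token' let a caller tell a valid-but-locked token from an unknown one; if clients do not need that distinction, a single message avoids confirming that a token exists.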
diff --git a/app/Http/Middleware/SetDb.php b/app/Http/Middleware/SetDb.php index c741abf634f1..246cc7ef3ae4 100644 --- a/app/Http/Middleware/SetDb.php +++ b/app/Http/Middleware/SetDb.php @@ -28,7 +28,10 @@ class SetDb public function handle($request, Closure $next) { - $error['error'] = ['message' => 'Database could not be set']; + $error = [ + 'message' => 'Invalid Token', + 'errors' => [] + ]; // we must have a token passed, that matched a token in the db, and multiDB is enabled. // todo i don't think we can call the DB prior to setting it???? i think this if statement needs to be rethought diff --git a/app/Http/Middleware/SetDomainNameDb.php b/app/Http/Middleware/SetDomainNameDb.php index 706444728446..54bd3459244c 100644 --- a/app/Http/Middleware/SetDomainNameDb.php +++ b/app/Http/Middleware/SetDomainNameDb.php @@ -26,8 +26,11 @@ class SetDomainNameDb public function handle($request, Closure $next) { - $error['error'] = ['message' => 'Database could not be set']; + $error = [ + 'message' => 'Invalid token', + 'errors' => [] + ]; /* * Use the host name to set the active DB **/ diff --git a/app/Http/Middleware/SetWebDb.php b/app/Http/Middleware/SetWebDb.php index ac8688c872cb..f7a1e6b8290a 100644 --- a/app/Http/Middleware/SetWebDb.php +++ b/app/Http/Middleware/SetWebDb.php @@ -17,6 +17,7 @@ class SetWebDb */ public function handle($request, Closure $next) { + if (config('ninja.db.multi_db_enabled')) { diff --git a/app/Http/Middleware/TokenAuth.php b/app/Http/Middleware/TokenAuth.php index 9d0868b1e096..27723f4437c1 100644 --- a/app/Http/Middleware/TokenAuth.php +++ b/app/Http/Middleware/TokenAuth.php @@ -33,9 +33,14 @@ class TokenAuth $user = $company_token->user; + + $error = [ + 'message' => 'User inactive', + 'errors' => [] + ]; //user who once existed, but has been soft deleted if(!$user) - return response()->json(json_encode(['message' => 'User inactive'], JSON_PRETTY_PRINT) ,403); + return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403); /* | 
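Review bot: SetDomainNameDb now reports `'Invalid token'`, but the comment in the same hunk says this middleware uses the host name to select the database, so the failure is presumably an unknown domain rather than a bad token. A message that matches the cause without exposing internals, for example `'message' => 'Domain not found'`, would be less misleading for API clients and for anyone reading the logs. The code that returns `$error` lies outside the hunk.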
@@ -47,8 +52,15 @@ class TokenAuth
 $user->setCompany($company_token->company); //user who once existed, but has been soft deleted
- if($user->user_company()->is_locked)
- return response()->json(json_encode(['message' => 'User access locked'], JSON_PRETTY_PRINT) ,403);
+ if($user->user_company()->is_locked){
+
+ $error = [
+ 'message' => 'User access locked',
+ 'errors' => []
+ ];
+
+ return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403);
+ }
 //stateless, don't remember the user.
 auth()->login($user, false);
@@ -58,7 +70,12 @@ class TokenAuth
 } else {
- return response()->json(json_encode(['message' => 'Invalid token'], JSON_PRETTY_PRINT) ,403);
+ $error = [
+ 'message' => 'Invalid token',
+ 'errors' => []
+ ];
+
+ return response()->json(json_encode($error, JinvoicelspSON_PRETTY_PRINT) ,403);
 } return $next($request);
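Review bot: In the TokenAuth hunk at -47/+52, the context comment kept just before the rewritten lock check still reads 'user who once existed, but has been soft deleted', which describes the earlier `if(!$user)` guard and not `is_locked`. Since the block is being rewritten anyway, replace it with something like `// company access for this user has been locked`. Building `$error` inside the braced branch reads well; the 'User inactive' payload in the preceding TokenAuth hunk could be built the same way rather than ahead of its guard.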
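Review bot: The added return in TokenAuth's `else` branch passes `JinvoicelspSON_PRETTY_PRINT` to `json_encode()`; as shown, that is not a defined constant, so the invalid-token path would raise an error (or, on older PHP, a warning and a bad flags argument) instead of answering 403. The line should read `return response()->json(json_encode($error, JSON_PRETTY_PRINT) ,403);`. If the stray characters are only an artifact of this page nothing needs to change, but a test that sends a bad token and asserts the 403 body would catch it either way.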