diff --git a/lib/Alternc/Api/Auth/Sharedsecret.php b/lib/Alternc/Api/Auth/Sharedsecret.php
index 57e973bf..5709121d 100644
--- a/lib/Alternc/Api/Auth/Sharedsecret.php
+++ b/lib/Alternc/Api/Auth/Sharedsecret.php
@@ -13,7 +13,7 @@ class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
   const ERR_INVALID_SECRET = 1111802;
   const ERR_INVALID_LOGIN = 1111803;
   const ERR_DISABLED_ACCOUNT = 1111804;
-
+  const ERR_INVALID_AUTH = 1111805;
 
   /**
    * Constructor of the Shared Secret Api Auth
diff --git a/lib/Alternc/Api/Token.php b/lib/Alternc/Api/Token.php
index 5c07d577..63bb5a77 100644
--- a/lib/Alternc/Api/Token.php
+++ b/lib/Alternc/Api/Token.php
@@ -116,11 +116,10 @@ class Alternc_Api_Token {
       }
       $stmt=$db->prepare("SELECT * FROM token WHERE token=?");
       $stmt->execute(array($token));
-      while ($tok=$stmt->fetch(PDO::FETCH_OBJ)) {
-	return new Alternc_Api_Token( json_decode($tok->data,true) );
-      } 
-
-      return null;
+       if (  $tok=$stmt->fetch(PDO::FETCH_OBJ)  ) {
+        return new Alternc_Api_Token( json_decode($tok->data,true) );
+      }
+      return new Alternc_Api_Response( array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token") );
     }