diff --git a/sams_classes/sams_proxy.py b/sams_classes/sams_proxy.py
index b95ecedd763ec2c1d7d89828ddc9cb99322354e9..1f3f946b094a667612e39c00bd59ee0c013f0768 100644
--- a/sams_classes/sams_proxy.py
+++ b/sams_classes/sams_proxy.py
@@ -60,6 +60,8 @@ class SAMSProxy:
     return filteredSession
   
   def _filter_token(self, paramType: str) -> dict:
+    if session == {}:
+      return {}
     if paramType == self._proxySpec.get('token', {}).get('param-type'):
       return {
         self._proxySpec['token']['name']: self._proxySpec['token']['value']}
diff --git a/test/test_sams_proxy.py b/test/test_sams_proxy.py
index a46d2d5411bbe300e2eb467c29bb126eb46402a7..b4d9de8b722d9ce582f4ff98a90432274e05e535 100644
--- a/test/test_sams_proxy.py
+++ b/test/test_sams_proxy.py
@@ -206,6 +206,7 @@ class TestSAMSHubWithThreadedAPI(unittest.TestCase):
     for param_type in ('header', 'url', 'body'):
       proxyApp = Flask('test')
       proxyApp.config['TESTING'] = True
+      proxyApp.secret_key = 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'
       proxy = SAMSProxy(
         proxySpec = {
           'in': '/proxy', 'out': 'http://localhost:4711',
@@ -223,6 +224,8 @@ class TestSAMSHubWithThreadedAPI(unittest.TestCase):
           view_func = proxy.proxy, methods=['GET', 'POST', 'PUT', 'UPDATE',
             'PATCH', 'DELETE', 'OPTIONS'])
         with proxyApp.test_client(self) as client:
+          with client.session_transaction() as sess:
+            sess['user'] = 'foo'
           res = client.get(path='/proxy/passthrough',
             query_string={'u':'foo'}, data={'g':'bar'},
             headers={'lang': 'klingon'})
@@ -231,4 +234,38 @@ class TestSAMSHubWithThreadedAPI(unittest.TestCase):
           self.assertEqual(resDict['body']['g'], 'bar')
           self.assertEqual(resDict['header']['Lang'], 'klingon')
           eprint(resDict[param_type]) 
-          self.assertEquals(resDict[param_type]['Api-Token'], '53CUR34P170K3N')
\ No newline at end of file
+          self.assertEquals(resDict[param_type]['Api-Token'], '53CUR34P170K3N')
+
+  def test_no_token_passthrough_without_session(self):
+    """The proxy passes the specified token and the other params"""
+    for param_type in ('header', 'url', 'body'):
+      proxyApp = Flask('test')
+      proxyApp.config['TESTING'] = True
+      proxyApp.secret_key = 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'
+      proxy = SAMSProxy(
+        proxySpec = {
+          'in': '/proxy', 'out': 'http://localhost:4711',
+          'token': {
+            'name': 'Api-Token', 'value': '53CUR34P170K3N',
+            'param-type': param_type
+          }
+        }
+      )
+      with self.subTest(param_type):
+        proxyApp.add_url_rule(rule = proxy.urlRule, endpoint = 'proxy',
+          view_func = proxy.proxy, methods=['GET', 'POST', 'PUT', 'UPDATE',
+            'PATCH', 'DELETE', 'OPTIONS'])
+        proxyApp.add_url_rule(rule = proxy.rootUrlRule, endpoint = 'proxy',
+          view_func = proxy.proxy, methods=['GET', 'POST', 'PUT', 'UPDATE',
+            'PATCH', 'DELETE', 'OPTIONS'])
+        with proxyApp.test_client(self) as client:
+          res = client.get(path='/proxy/passthrough',
+            query_string={'u':'foo'}, data={'g':'bar'},
+            headers={'lang': 'klingon'})
+          resDict = json.loads(res.data.decode('utf-8'))
+          self.assertEqual(resDict['url']['u'], 'foo')
+          self.assertEqual(resDict['body']['g'], 'bar')
+          self.assertEqual(resDict['header']['Lang'], 'klingon')
+          eprint(resDict[param_type]) 
+          self.assertNotEquals(
+            resDict.get(param_type, {}).get('Api-Token'), '53CUR34P170K3N')
\ No newline at end of file