diff --git a/lib/apis.js b/lib/apis.js
index e7970a7..6ffe6ec 100644
--- a/lib/apis.js
+++ b/lib/apis.js
@@ -174,7 +174,7 @@ module.exports.create = function (xconfx, apiFactories, apiDeps) {
               res.send({ error: { message: "You must be logged in", code: "E_NO_AUTHN" } });
               return;
             }
-            if ('string' !== req.oauth3.token.scp) {
+            if ('string' !== typeof req.oauth3.token.scp) {
               res.send({ error: { message: "Token must contain a grants string in 'scp'", code: "E_NO_GRANTS" } });
               return;
             }