diff --git a/.env.sample b/.env.sample
index 92c84ee..c849ec4 100644
--- a/.env.sample
+++ b/.env.sample
@@ -27,3 +27,6 @@ MUX_TOKEN_ID=
 MUX_TOKEN_SECRET=
 MUX_BROADCAST_SERVER_URL=rtmp://global-live.mux.com:5222/app
 MUX_TEST_MODE_DISABLED=
+
+# Required for
+CUSTOM_API_TOKEN=
\ No newline at end of file
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
index 34be00a..87dca55 100644
--- a/app/controllers/api/users_controller.rb
+++ b/app/controllers/api/users_controller.rb
@@ -20,7 +20,7 @@ class Api::UsersController < Api::ApiController
   end
 
   def verify_custom_token
-    if token != ENV['CUSTOM_API_TOKEN']
+    if token.nil? || token.empty? || token != ENV['CUSTOM_API_TOKEN']
       unauthorized_entity(:user)
     end
   end