diff --git a/packages/backend/server/src/core/auth/service.ts b/packages/backend/server/src/core/auth/service.ts
index 187f3b28cd..2159550864 100644
--- a/packages/backend/server/src/core/auth/service.ts
+++ b/packages/backend/server/src/core/auth/service.ts
@@ -226,6 +226,10 @@ export class AuthService implements OnApplicationBootstrap {
   }
 
   async getSession(token: string) {
+    if (!token) {
+      return null;
+    }
+
     return this.db.$transaction(async tx => {
       const session = await tx.session.findUnique({
         where: {
diff --git a/packages/backend/server/src/plugins/payment/webhook.ts b/packages/backend/server/src/plugins/payment/webhook.ts
index 4b98e2de78..3ce709d396 100644
--- a/packages/backend/server/src/plugins/payment/webhook.ts
+++ b/packages/backend/server/src/plugins/payment/webhook.ts
@@ -12,6 +12,7 @@ import { EventEmitter2 } from '@nestjs/event-emitter';
 import type { Request } from 'express';
 import Stripe from 'stripe';
 
+import { Public } from '../../core/auth';
 import { Config } from '../../fundamentals';
 
 @Controller('/api/stripe')
@@ -28,6 +29,7 @@ export class StripeWebhook {
     this.webhookKey = config.plugins.payment.stripe.keys.webhookKey;
   }
 
+  @Public()
   @Post('/webhook')
   async handleWebhook(@Req() req: RawBodyRequest<Request>) {
     // Check if webhook signing is configured.