diff --git a/apps/api-gateway/src/authz/guards/user-role.guard.ts b/apps/api-gateway/src/authz/guards/user-role.guard.ts
index 778094571..3c3dc4d7a 100644
--- a/apps/api-gateway/src/authz/guards/user-role.guard.ts
+++ b/apps/api-gateway/src/authz/guards/user-role.guard.ts
@@ -8,8 +8,12 @@ export class UserRoleGuard implements CanActivate {
 const { user } = request;
- if (user?.userRole && user?.userRole.includes('holder')) {
- throw new ForbiddenException('This role is a holder.');
+ if (!user?.userRole) {
+ throw new ForbiddenException('This role is not a holder.');
+ }
+
+ if (!user?.userRole.includes('holder')) {
+ throw new ForbiddenException('This role is not a holder.');
 }
 return true;
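Review bot: The new allow decision rests on `user?.userRole.includes('holder')`, and the hunk does not show whether `userRole` is a string or an array. If it can be a string, `includes` is a substring match, so any role name that merely contains "holder" would pass the guard. An exact membership test on a normalised list avoids that, for example `const roles = Array.isArray(user?.userRole) ? user.userRole : [user?.userRole];` followed by `if (!roles.includes('holder')) { throw new ForbiddenException('This role is not a holder.'); }`, which also folds the two identical throw branches into one. Because the guard changes from denying holders to admitting only holders, each route that already applies `UserRoleGuard` should be checked against the new meaning. A doc comment on the class stating "allows only users whose role list contains holder" would help, since the name alone does not say so. The `canActivate` body starts above this hunk, so how `request.user` is populated is not visible here.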