diff --git a/tests/api/test_secure_api.py b/tests/api/test_secure_api.py
index 195de9851..ce81aa77f 100644
--- a/tests/api/test_secure_api.py
+++ b/tests/api/test_secure_api.py
@@ -99,6 +99,10 @@ def test_security(oauth_requests, secure_endpoint_app):
 assert response.data == b'"Unauthenticated"\n'
 assert response.status_code == 200
+ # security function throws exception
+ response = app_client.get('/v1.0/auth-exception', headers={'X-Api-Key': 'foo'})
+ assert response.status_code == 401
+
 def test_checking_that_client_token_has_all_necessary_scopes(
 oauth_requests, secure_endpoint_app):
diff --git a/tests/fakeapi/hello/__init__.py b/tests/fakeapi/hello/__init__.py
index ba1824215..a0c0274f4 100644
--- a/tests/fakeapi/hello/__init__.py
+++ b/tests/fakeapi/hello/__init__.py
@@ -5,6 +5,8 @@
 from connexion import NoContent, ProblemException, context, request
 from flask import jsonify, redirect, send_file
+from connexion.exceptions import OAuthProblem
+
 class DummyClass:
 @classmethod
@@ -463,6 +465,9 @@ def optional_auth(**kwargs):
 return "Authenticated"
+def auth_exception():
+ return 'foo'
+
 def test_args_kwargs(*args, **kwargs):
 return kwargs
@@ -569,6 +574,10 @@ def jwt_info(token):
 return None
+def apikey_exception(token):
+ raise OAuthProblem()
+
+
 def get_add_operation_on_http_methods_only():
 return ""
diff --git a/tests/fixtures/secure_endpoint/openapi.yaml b/tests/fixtures/secure_endpoint/openapi.yaml
index d4dcf3a94..d3d16b83b 100644
--- a/tests/fixtures/secure_endpoint/openapi.yaml
+++ b/tests/fixtures/secure_endpoint/openapi.yaml
@@ -138,6 +138,17 @@ paths:
 responses:
 '200':
 description: some response
+ /auth-exception:
+ get:
+ summary: Test security handler function that raises an exception
+ description: Throw error from security function
+ operationId: fakeapi.hello.auth_exception
+ security:
+ - auth_exception: []
+ responses:
+ '200':
+ description: some response
+
 servers:
 - url: /v1.0
 components:
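Review bot: The case added at the end of test_security in tests/api/test_secure_api.py pins only the 401 status, so it would still pass if the error body carried the operation's return value or echoed the submitted key. Adding `assert b'foo' not in response.data` after the status check would show that fakeapi.hello.auth_exception was never reached and that the X-Api-Key value does not come back in the response. Only the OAuthProblem path is exercised; whether a security function that raises some other exception type also fails closed is not covered by this case. test_security starts outside the hunk.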
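Review bot: auth_exception in tests/fakeapi/hello/__init__.py has no docstring saying that it must never run, so its `'foo'` return reads like an expected response rather than a sentinel. A one-line docstring such as `"""Operation guarded by apikey_exception; reaching this body means the security check did not reject the request."""` would state the intent. apikey_exception, added in the later hunk of the same file, deserves a matching `"""Security function that always rejects the key by raising OAuthProblem."""`.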
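Review bot: The /auth-exception operation added to tests/fixtures/secure_endpoint/openapi.yaml declares only a '200' response, although its security function always raises and the accompanying test expects 401. Declaring the outcome the endpoint actually produces, `'401':` with `description: security function rejected the request`, keeps the fixture's contract in line with what it is testing. The same applies to the /auth-exception block added at the end of tests/fixtures/secure_endpoint/swagger.yaml. The paths mapping begins outside the hunk.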
@@ -161,3 +172,8 @@ components:
 scheme: bearer
 bearerFormat: JWT
 x-bearerInfoFunc: fakeapi.hello.jwt_info
+ auth_exception:
+ type: apiKey
+ name: X-Api-Key
+ in: header
+ x-apikeyInfoFunc: fakeapi.hello.apikey_exception
diff --git a/tests/fixtures/secure_endpoint/swagger.yaml b/tests/fixtures/secure_endpoint/swagger.yaml
index 06e9d8315..1f0ea4939 100644
--- a/tests/fixtures/secure_endpoint/swagger.yaml
+++ b/tests/fixtures/secure_endpoint/swagger.yaml
@@ -29,6 +29,12 @@ securityDefinitions:
 x-authentication-scheme: Bearer
 x-bearerInfoFunc: fakeapi.hello.jwt_info
+ auth_exception:
+ type: apiKey
+ name: X-Api-Key
+ in: header
+ x-apikeyInfoFunc: fakeapi.hello.apikey_exception
+
 paths:
 /byesecure/{name}:
 get:
@@ -171,3 +177,14 @@ paths:
 responses:
 '200':
 description: some response
+
+ /auth-exception:
+ get:
+ summary: Test security handler function that raises an exception
+ description: Throw error from security function
+ operationId: fakeapi.hello.auth_exception
+ security:
+ - auth_exception: []
+ responses:
+ '200':
+ description: some response