diff --git a/lib/Controller/SlaveController.php b/lib/Controller/SlaveController.php
index 70c896c..f51c0bb 100644
--- a/lib/Controller/SlaveController.php
+++ b/lib/Controller/SlaveController.php
@@ -193,18 +193,14 @@ public function createAppToken($jwt) {
 
 		try {
 			list($uid, $password, $options) = $this->decodeJwt($jwt);
-
-			if (is_array($options) && isset($options['backend']) && $options['backend'] === 'saml') {
+			$saml = (($options['backend'] ?? '') === 'saml');
+			if ($saml) {
 				$this->autoprovisionIfNeeded($uid, $options);
 			}
 
 			if ($this->userManager->userExists($uid)) {
-				// if we have a password, we verify it
-				if (!empty($password)) {
-					$result = $this->userSession->login($uid, $password);
-				} else {
-					$result = true;
-				}
+				// if we have a password, we verify it; if not it means we should be using saml.
+				$result = ('' === $password) ? $saml : $this->userSession->login($uid, $password);
 				if ($result) {
 					$token = $this->tokenHandler->generateAppToken($uid);