diff --git a/src/Core/IdentityServer/BaseRequestValidator.cs b/src/Core/IdentityServer/BaseRequestValidator.cs
index dc36d2ae1b..9334bbc3ca 100644
--- a/src/Core/IdentityServer/BaseRequestValidator.cs
+++ b/src/Core/IdentityServer/BaseRequestValidator.cs
@@ -433,6 +433,11 @@ namespace Bit.Core.IdentityServer
                     }
                     else if (type == TwoFactorProviderType.WebAuthn)
                     {
+                        if (token == null)
+                        {
+                            return null;
+                        }
+
                         return JsonSerializer.Deserialize<Dictionary<string, object>>(token);
                     }
                     else if (type == TwoFactorProviderType.Email)
diff --git a/src/Core/Models/TwoFactorProvider.cs b/src/Core/Models/TwoFactorProvider.cs
index 79bb9d448b..c4f786559b 100644
--- a/src/Core/Models/TwoFactorProvider.cs
+++ b/src/Core/Models/TwoFactorProvider.cs
@@ -131,6 +131,7 @@ namespace Bit.Core.Models
                 case TwoFactorProviderType.Duo:
                 case TwoFactorProviderType.YubiKey:
                 case TwoFactorProviderType.U2f:
+                case TwoFactorProviderType.WebAuthn:
                     return true;
                 default:
                     return false;