diff --git a/src/services/auth.js b/src/services/auth.js
index ed5f7534d05..7042d62225f 100644
--- a/src/services/auth.js
+++ b/src/services/auth.js
@@ -78,6 +78,17 @@ export function initVueAuthenticate (config) {
         }
         return null
       },
+      getStoredUserObject () {
+        const storageString = sessionStorage.getItem('oc_oAuth' + mgr._userStoreKey)
+        if (storageString) {
+          const user = User.fromStorageString(storageString)
+          if (user) {
+            mgr.events.load(user, false)
+            return user
+          }
+        }
+        return null
+      },
       isAuthenticated () {
         return this.getToken() !== null
       },
diff --git a/src/store/user.js b/src/store/user.js
index 3c75b2fddb2..54f2296dae5 100644
--- a/src/store/user.js
+++ b/src/store/user.js
@@ -32,12 +32,18 @@ const actions = {
       // force redirect to login page after logout
       router.push({ name: 'login' })
     }
-    vueAuthInstance.logout()
-      .then(logoutFinalizer)
-      .catch(error => {
-        console.error(error)
-        logoutFinalizer()
-      })
+    // TODO: only call logout if we still have the id token
+    const u = vueAuthInstance.getStoredUserObject()
+    if (u && u.id_token) {
+      vueAuthInstance.logout()
+        .then(logoutFinalizer)
+        .catch(error => {
+          console.error(error)
+          logoutFinalizer()
+        })
+    } else {
+      logoutFinalizer()
+    }
   },
   initAuth (context, payload = { autoRedirect: false }) {
     function init (client, token, doLogin = true) {