diff --git a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/secure/LwM2mDefaultBootstrapSessionManager.java b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/secure/LwM2mDefaultBootstrapSessionManager.java
index 0e6d2933e4..097b69f806 100644
--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/secure/LwM2mDefaultBootstrapSessionManager.java
+++ b/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/bootstrap/secure/LwM2mDefaultBootstrapSessionManager.java
@@ -34,6 +34,7 @@ import org.eclipse.leshan.server.security.BootstrapSecurityStore;
 import org.eclipse.leshan.server.security.SecurityChecker;
 import org.eclipse.leshan.server.security.SecurityInfo;
 import org.thingsboard.server.common.transport.TransportService;
+import org.thingsboard.server.transport.lwm2m.server.client.LwM2MAuthException;
 
 import java.util.ArrayList;
 import java.util.Iterator;
@@ -79,17 +80,19 @@ public class LwM2mDefaultBootstrapSessionManager extends DefaultBootstrapSession
 
     @Override
     public BootstrapSession begin(BootstrapRequest request, Identity clientIdentity) {
-        boolean authorized;
+        boolean authorized = true;
         Iterator<SecurityInfo> securityInfos;
-        if (bsSecurityStore != null && securityChecker != null) {
-            if (clientIdentity.isSecure() && clientIdentity.isPSK()) {
-                securityInfos = bsSecurityStore.getAllByEndpoint(clientIdentity.getPskIdentity());
-            } else {
-                securityInfos = bsSecurityStore.getAllByEndpoint(request.getEndpointName());
+        try {
+            if (bsSecurityStore != null && securityChecker != null) {
+                if (clientIdentity.isSecure() && clientIdentity.isPSK()) {
+                    securityInfos = bsSecurityStore.getAllByEndpoint(clientIdentity.getPskIdentity());
+                } else {
+                    securityInfos = bsSecurityStore.getAllByEndpoint(request.getEndpointName());
+                }
+                authorized = securityChecker.checkSecurityInfos(request.getEndpointName(), clientIdentity, securityInfos);
             }
-            authorized = securityChecker.checkSecurityInfos(request.getEndpointName(), clientIdentity, securityInfos);
-        } else {
-            authorized = true;
+        } catch (LwM2MAuthException e) {
+            authorized = false;
         }
         DefaultBootstrapSession session = new DefaultBootstrapSession(request, clientIdentity, authorized);
         if (authorized) {