diff --git a/packages/datastore/__tests__/subscription.test.ts b/packages/datastore/__tests__/subscription.test.ts
index aa1e649b878..e6de41bcc0a 100644
--- a/packages/datastore/__tests__/subscription.test.ts
+++ b/packages/datastore/__tests__/subscription.test.ts
@@ -126,6 +126,34 @@ describe('sync engine subscription module', () => {
 			),
 		).toEqual(authInfo);
 	});
+	test('owner authorization with no token(expired)', () => {
+		const authRules = [
+			{
+				provider: 'userPools',
+				ownerField: 'owner',
+				allow: 'owner',
+				identityClaim: 'cognito:username',
+				operations: ['create', 'update', 'delete'],
+			},
+		];
+		const model = generateModelWithAuth(authRules);
+
+		const authInfo = {
+			authMode: 'userPool',
+			isOwner: false,
+		};
+
+		expect(
+			// @ts-ignore
+			SubscriptionProcessor.prototype.getAuthorizationInfo(
+				model,
+				USER_CREDENTIALS.auth,
+				'userPool',
+				undefined,
+				'userPool',
+			),
+		).toEqual(authInfo);
+	});
 	test('owner authorization with public subscription', () => {
 		const authRules = [
 			{
diff --git a/packages/datastore/src/sync/processors/subscription.ts b/packages/datastore/src/sync/processors/subscription.ts
index ac3760255d0..c508c8d5885 100644
--- a/packages/datastore/src/sync/processors/subscription.ts
+++ b/packages/datastore/src/sync/processors/subscription.ts
@@ -205,7 +205,7 @@ class SubscriptionProcessor {
 				: [];
 
 		oidcOwnerAuthRules.forEach(ownerAuthRule => {
-			const ownerValue = oidcTokenPayload[ownerAuthRule.identityClaim];
+			const ownerValue = oidcTokenPayload?.[ownerAuthRule.identityClaim];
 			const singleOwner =
 				model.fields[ownerAuthRule.ownerField]?.isArray !== true;
 			const isOwnerArgRequired =