diff --git a/app/authentication/auth.py b/app/authentication/auth.py
index 5353c4e4f..d7f842aab 100644
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -1,8 +1,11 @@
 from flask import request, jsonify, _request_ctx_stack, current_app
+from sqlalchemy.orm.exc import NoResultFound
+
 from notifications_python_client.authentication import decode_jwt_token, get_token_issuer
 from notifications_python_client.errors import TokenDecodeError, TokenExpiredError
 from app.dao.api_key_dao import get_model_api_keys
+from app.dao.services_dao import dao_fetch_service_by_id
 class AuthError(Exception):
@@ -48,6 +51,11 @@ def requires_auth():
 _request_ctx_stack.top.api_user = api_key
 return
+ try:
+ dao_fetch_service_by_id(client)
+ except NoResultFound:
+ raise AuthError("Invalid token: service not found", 403)
+
 if not api_keys:
 raise AuthError("Invalid token: no api keys for service", 403)
 else:
diff --git a/tests/app/authentication/test_authentication.py b/tests/app/authentication/test_authentication.py
index 0fb409dd2..7fdc1b922 100644
--- a/tests/app/authentication/test_authentication.py
+++ b/tests/app/authentication/test_authentication.py
@@ -211,7 +211,7 @@ def test_authentication_returns_error_when_service_doesnt_exit(
 )
 assert response.status_code == 403
 error_message = json.loads(response.get_data())
- assert error_message['message'] == {'token': ['Invalid token: no api keys for service']}
+ assert error_message['message'] == {'token': ['Invalid token: service not found']}
 def test_authentication_returns_error_when_service_has_no_secrets(notify_api,
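Review bot: In the second hunk of app/authentication/auth.py, the new `try` around `dao_fetch_service_by_id(client)` handles only `NoResultFound`, while `client` looks like the issuer claim read from the token before any signature has matched (its assignment is outside the hunk, so this is inferred from the `get_token_issuer` import). If the DAO filters on a UUID column, a malformed issuer could raise a database error and surface as a 500 rather than a 403; consider adding `from sqlalchemy.exc import DataError` and catching `except (NoResultFound, DataError):`, or validating the id format before the lookup. The new message also lets an unauthenticated caller tell an unknown service id apart from a known service that has no keys; if clients do not need that distinction, return one generic 403 message and log the specific reason server-side. requires_auth starts and ends outside the hunk.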