diff --git a/bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js b/bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js
index 7303caa2ba..cc1014c218 100644
--- a/bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js
+++ b/bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js
@@ -3,6 +3,7 @@ import RedisPubSub from '/imports/startup/server/redis';
import Logger from '/imports/startup/server/logger';
import pendingAuthenticationsStore from '../store/pendingAuthentications';
import BannedUsers from '../store/bannedUsers';
+import Users from '/imports/api/users';
export default function validateAuthToken(meetingId, requesterUserId, requesterToken, externalId) {
const REDIS_CONFIG = Meteor.settings.private.redis;
@@ -13,10 +14,18 @@ export default function validateAuthToken(meetingId, requesterUserId, requesterT
if (externalId) {
if (BannedUsers.has(meetingId, externalId)) {
Logger.warn(`A banned user with extId ${externalId} tried to enter in meeting ${meetingId}`);
- return;
+ return { invalid: true, reason: 'User has been banned.' };
}
}
+ // Check if a removed user is trying to access the meeting using the same sessionToken
+ const isUserEjected = Users.findOne({ meetingId, authToken: requesterToken, ejected: true });
+
+ if (isUserEjected) {
+ Logger.warn(`An invalid sessionToken tried to validateAuthToken meetingId=${meetingId} authToken=${requesterToken}`);
+ return { invalid: true, reason: 'User has been ejected.' };
+ }
+
// Store reference of methodInvocationObject ( to postpone the connection userId definition )
pendingAuthenticationsStore.add(meetingId, requesterUserId, requesterToken, this);
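Review bot: The new warning on the ejected path writes the caller-supplied session token verbatim into the server log (`authToken=${requesterToken}`), so anyone with log access can replay a still-live token; the banned-user warning just above it only logs the external id. The user id and meeting id identify the attempt just as well: `Logger.warn(`An invalid sessionToken tried to validateAuthToken meetingId=${meetingId} userId=${requesterUserId}`);`. Also `isUserEjected` holds the matched Users document rather than a boolean, so a name like `ejectedUser` would read more honestly; a one-line comment noting that the query intentionally keys on `authToken` rather than `userId` (to catch a reused token under a fresh user id) would save the next reader a question. The enclosing validateAuthToken body starts before and continues after this hunk, so any other early `return;` in it now returns `undefined` where the client expects an object.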
diff --git a/bigbluebutton-html5/imports/ui/services/auth/index.js b/bigbluebutton-html5/imports/ui/services/auth/index.js
index b866da0b3b..02368a6e98 100755
--- a/bigbluebutton-html5/imports/ui/services/auth/index.js
+++ b/bigbluebutton-html5/imports/ui/services/auth/index.js
@@ -220,11 +220,11 @@ class Auth {
const result = await makeCall('validateAuthToken', this.meetingID, this.userID, this.token, this.externUserID);
- if (!result) {
+ if (result && result.invalid) {
clearTimeout(validationTimeout);
reject({
error: 401,
- description: 'User has been banned.',
+ description: result.reason,
});
return;
}
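Review bot: Dropping the `!result` branch means a bare `undefined` reply no longer rejects; unless every early return in the server method now yields an object, such a reply falls through and is only surfaced when `validationTimeout` fires. Keeping both conditions preserves the old fail-fast behaviour while adopting the new shape: `if (!result || result.invalid) {` with `description: result ? result.reason : 'User has been banned.',`. The `description` is forwarded to the caller as-is, so the server-side reason strings stay the single source for that user-facing text. The surrounding Auth method starts and ends outside this hunk.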