diff --git a/frontend/src/app/app-routing.module.ts b/frontend/src/app/app-routing.module.ts
index 8f46be4f9..305b4ebab 100644
--- a/frontend/src/app/app-routing.module.ts
+++ b/frontend/src/app/app-routing.module.ts
@@ -3,6 +3,7 @@ import { RouterModule, Routes } from '@angular/router';
 import { AppPermission } from './core/common/enum/permission.enum';
 import { BreadcrumbService } from './ui/misc/breadcrumb/breadcrumb.service';
 import { ReloadHelperComponent } from './ui/misc/reload-helper/reload-helper.component';
+import { AuthGuard } from './core/auth-guard.service';
 
 const appRoutes: Routes = [
 	{
@@ -418,6 +419,7 @@ const appRoutes: Routes = [
 const tenantEnrichedRoutes: Routes = [
 	{
 		path: 't/:tenant_code',
+		canActivate: [AuthGuard],
 		data: {
 			breadcrumb: true,
 			...BreadcrumbService.generateRouteDataConfiguration({
diff --git a/frontend/src/app/app.module.ts b/frontend/src/app/app.module.ts
index 5950e4efc..9af644f40 100644
--- a/frontend/src/app/app.module.ts
+++ b/frontend/src/app/app.module.ts
@@ -44,6 +44,7 @@ import { GuidedTourModule } from './library/guided-tour/guided-tour.module';
 import { DepositOauth2DialogModule } from './ui/misc/deposit-oauth2-dialog/deposit-oauth2-dialog.module';
 import { OpenCDMPCustomTranslationCompiler } from './utilities/translate/opencdmp-custom-translation-compiler';
 import { Router } from '@angular/router';
+import { RouterUtilsService } from './core/services/router/router-utils.service';
 
 // AoT requires an exported function for factories
 export function HttpLoaderFactory(languageHttpService: LanguageHttpService) {
@@ -80,7 +81,7 @@ const cookieConfig: NgcCookieConsentConfig = {
 	type: 'info'
 };
 
-export function InstallationConfigurationFactory(appConfig: ConfigurationService, keycloak: KeycloakService, authService: AuthService, languageService: LanguageService, tenantHandlingService: TenantHandlingService, router: Router) {
+export function InstallationConfigurationFactory(appConfig: ConfigurationService, keycloak: KeycloakService, authService: AuthService, languageService: LanguageService, tenantHandlingService: TenantHandlingService, router: Router, routerUtils: RouterUtilsService) {
 	return () => appConfig.loadConfiguration().then(() => {
 		return languageService.loadAvailableLanguages().toPromise();
 	}).then(x => keycloak.init({
@@ -110,12 +111,14 @@ export function InstallationConfigurationFactory(appConfig: ConfigurationService
 
 		const tenantCode = tenantHandlingService.extractTenantCodeFromUrlPath(window.location.pathname) ?? authService.selectedTenant() ?? 'default';
 		const tokenPromise = keycloak.getToken();
-		return authService.prepareAuthRequest(from(tokenPromise), tenantCode, { params })
+
+		return authService.prepareAuthRequest(from(tokenPromise), tenantCode, { params }, true)
 			.toPromise()
 			.then(() => {
-				if (authService.selectedTenant() != tenantCode) {
-					router.navigate(['/']);
-				} 
+				if (authService.selectedTenant() != null && authService.selectedTenant() != tenantCode) {
+					let trimedPath = tenantHandlingService.trimUrlPathFormTenantCode(window.location.pathname);
+					router.navigate([routerUtils.generateUrl(trimedPath)]);
+				}
 			})
 			.catch(error => authService.onAuthenticateError(error));
 	}));
@@ -165,7 +168,7 @@ export function InstallationConfigurationFactory(appConfig: ConfigurationService
 		{
 			provide: APP_INITIALIZER,
 			useFactory: InstallationConfigurationFactory,
-			deps: [ConfigurationService, KeycloakService, AuthService, LanguageService, TenantHandlingService, Router],
+			deps: [ConfigurationService, KeycloakService, AuthService, LanguageService, TenantHandlingService, Router, RouterUtilsService],
 			multi: true
 		},
 		{
diff --git a/frontend/src/app/core/services/auth/auth.service.ts b/frontend/src/app/core/services/auth/auth.service.ts
index b212e57c7..01df0a26a 100644
--- a/frontend/src/app/core/services/auth/auth.service.ts
+++ b/frontend/src/app/core/services/auth/auth.service.ts
@@ -167,7 +167,12 @@ export class AuthService extends BaseService {
 	public isLoggedIn(): boolean {
 		return this.authState();
 	}
-	public prepareAuthRequest(observable: Observable<string>, tenantCode: string, httpParams?: Object): Observable<boolean> {
+	public prepareAuthRequest(observable: Observable<string>, tenantCode: string, httpParams?: Object, ignoreUnauth: boolean = false): Observable<boolean> {
+		if (ignoreUnauth) {
+			if (this.keycloakService.isLoggedIn() == false) return of(true);
+		}
+			 
+		
 		return observable.pipe(
 			map((x) => this.currentAuthenticationToken(x)),
 			concatMap(response => {
@@ -186,6 +191,7 @@ export class AuthService extends BaseService {
 			})
 		);
 	}
+
 	public refresh(): Observable<boolean> {
 		return this.principalService.me().pipe(
 			map((item) => {
diff --git a/frontend/src/app/core/services/tenant/tenant-handling.service.ts b/frontend/src/app/core/services/tenant/tenant-handling.service.ts
index 284ebe80e..44c508bf9 100644
--- a/frontend/src/app/core/services/tenant/tenant-handling.service.ts
+++ b/frontend/src/app/core/services/tenant/tenant-handling.service.ts
@@ -32,6 +32,17 @@ export class TenantHandlingService extends BaseService {
 		return tenantCode;
 	}
 
+	trimUrlPathFormTenantCode(path: string): string {
+		const tenantCode = this.extractTenantCodeFromUrlPath(path);
+
+		if (tenantCode == null || tenantCode == '') return path;
+
+		const tenantPart = '/t/'+tenantCode;
+
+		return path.substring(tenantPart.length, path.length);
+	}
+
+
 	getCurrentUrlEnrichedWithTenantCode(tenantCode: string, withOrigin: boolean) {
 		const path = this.getUrlEnrichedWithTenantCode(this.router.routerState.snapshot.url, tenantCode)
 		return withOrigin ? this.getBaseUrl() + path.toString().substring(1) : path;
diff --git a/frontend/src/app/ui/auth/login/login.component.ts b/frontend/src/app/ui/auth/login/login.component.ts
index a3ed7065d..522b61e5f 100644
--- a/frontend/src/app/ui/auth/login/login.component.ts
+++ b/frontend/src/app/ui/auth/login/login.component.ts
@@ -41,9 +41,8 @@ export class LoginComponent extends BaseComponent implements OnInit {
 				() => {
 					let returnUrL = this.returnUrl;
 
-					if (this.authService.selectedTenant() != tenantCode) returnUrL = this.routerUtils.generateUrl('/');
-
-					this.zone.run(() => this.router.navigateByUrl(this.routerUtils.generateUrl(returnUrL)));
+					window.location.href = returnUrL;
+					// this.zone.run(() => this.router.navigateByUrl(returnUrL));
 				},
 				(error) => this.authService.authenticate('/'));
 		}