diff --git a/lib/doorkeeper/oauth/token_introspection.rb b/lib/doorkeeper/oauth/token_introspection.rb
index 12b08e44f..90d2ecb6f 100644
--- a/lib/doorkeeper/oauth/token_introspection.rb
+++ b/lib/doorkeeper/oauth/token_introspection.rb
@@ -163,7 +163,7 @@ def valid_token?
 
       # RFC7662 Section 2.1
       def authorized_token_matches_introspected?
-        authorized_token.token == @token.token
+        authorized_token.token == @token&.token
       end
 
       # If token doesn't belong to some client, then it is public.