If requests are made to endpoints that don't require admission controlling but the resolve token part is required the request is not forwared but failed du to the invalid token.
this is especially problematic for UI interactions where users might not yet have logged in
#25
