diff --git a/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java b/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java
index 59d39efc3b..d45f354038 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java
@@ -112,10 +112,12 @@ public class AccessTokenIntrospectionProvider implements TokenIntrospectionProvi
 tokenMetadata.put("active", userSession != null);
 // if consumer requests application/jwt return a JWT representation of the introspection contents in an jwt field
- boolean isJwtRequest = org.keycloak.utils.MediaType.APPLICATION_JWT.equals(session.getContext().getRequestHeaders().getHeaderString(HttpHeaders.ACCEPT));
- if (isJwtRequest && Boolean.parseBoolean(client.getAttribute(Constants.SUPPORT_JWT_CLAIM_IN_INTROSPECTION_RESPONSE_ENABLED))) {
- // consumers can use this to convert an opaque token into an JWT based token
- tokenMetadata.put("jwt", session.tokens().encode(accessToken));
+ if (accessToken != null) {
+ boolean isJwtRequest = org.keycloak.utils.MediaType.APPLICATION_JWT.equals(session.getContext().getRequestHeaders().getHeaderString(HttpHeaders.ACCEPT));
+ if (isJwtRequest && Boolean.parseBoolean(client.getAttribute(Constants.SUPPORT_JWT_CLAIM_IN_INTROSPECTION_RESPONSE_ENABLED))) {
+ // consumers can use this to convert an opaque token into an JWT based token
+ tokenMetadata.put("jwt", session.tokens().encode(accessToken));
+ }
 }
 return Response.ok(JsonSerialization.writeValueAsBytes(tokenMetadata)).type(MediaType.APPLICATION_JSON_TYPE).build();
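Review bot: The new guard keys the `jwt` field on `accessToken != null`, while the `active` claim in the context line just above is derived from `userSession != null`, so the two conditions can disagree. If `accessToken` can be non-null while `userSession` is null (both are assigned outside this hunk, so this is inferred), a response with `"active": false` would still carry a freshly signed JWT from `session.tokens().encode(accessToken)`. A consumer that reads the `jwt` field without checking `active` would then accept a token the server reports as inactive. Gating on the same condition closes that gap: `if (accessToken != null && userSession != null) {`. The enclosing method starts before the hunk, so the relationship between the two variables should be confirmed there.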