diff --git a/src/Core/Services/TokenService.cs b/src/Core/Services/TokenService.cs
index 5e7f9d43..a2cf0ee4 100644
--- a/src/Core/Services/TokenService.cs
+++ b/src/Core/Services/TokenService.cs
@@ -38,7 +38,7 @@ namespace Bit.Core.Services
                 }
 
                 var encBytes = SettingsService.Instance.AccessToken;
-                if(encBytes != null)
+                if(encBytes?.Value != null)
                 {
                     _accessToken = Encoding.ASCII.GetString(encBytes.Decrypt());
                 }
diff --git a/src/Core/Utilities/AzureAuthenticationProvider.cs b/src/Core/Utilities/AzureAuthenticationProvider.cs
index 7fc14fdc..07b30227 100644
--- a/src/Core/Utilities/AzureAuthenticationProvider.cs
+++ b/src/Core/Utilities/AzureAuthenticationProvider.cs
@@ -18,8 +18,8 @@ namespace Bit.Core.Utilities
 
             var authContext = new AuthenticationContext(
                 $"https://login.windows.net/{SettingsService.Instance.Server.Azure.Tenant}/oauth2/token");
-            var creds = new ClientCredential(SettingsService.Instance.Server.Azure.Id,
-                SettingsService.Instance.Server.Azure.Secret.DecryptToString());
+            var secret = SettingsService.Instance.Server.Azure.Secret.DecryptToString();
+            var creds = new ClientCredential(SettingsService.Instance.Server.Azure.Id, secret);
             var authResult = await authContext.AcquireTokenAsync("https://graph.microsoft.com/", creds);
             request.Headers.Add("Authorization", $"Bearer {authResult.AccessToken}");
         }