diff --git a/api/src/controllers/auth.ts b/api/src/controllers/auth.ts
index 9cc05e3..dba3db9 100644
--- a/api/src/controllers/auth.ts
+++ b/api/src/controllers/auth.ts
@@ -1,6 +1,7 @@
 import { Security, Route, Tags, Example, Post, Body, Query, Hidden } from 'tsoa'
 import jwt from 'jsonwebtoken'
 import User from '../model/User'
+import Client from '../model/Client'
 import { InfoJWT } from '../types'
 import {
 generateAccessToken,
@@ -81,6 +82,9 @@ export class AuthController {
 const authorize = async (data: any): Promise => {
 const { username, password, clientId } = data
+ const client = await Client.findOne({ clientId })
+ if (!client) throw new Error('Invalid clientId.')
+
 // Authenticate User
 const user = await User.findOne({ username })
 if (!user) throw new Error('Username is not found.')
diff --git a/api/src/controllers/info.ts b/api/src/controllers/info.ts
index ab42fc5..fca2604 100644
--- a/api/src/controllers/info.ts
+++ b/api/src/controllers/info.ts
@@ -25,9 +25,8 @@ export class InfoController {
 const response = {
 mode: process.env.MODE ?? 'desktop',
 cors:
- process.env.CORS ?? process.env.MODE === 'server'
- ? 'disable'
- : 'enable',
+ process.env.CORS ||
+ (process.env.MODE === 'server' ? 'disable' : 'enable'),
 whiteList:
 process.env.WHITELIST?.split(' ')?.filter((url) => !!url) ?? [],
 protocol: process.env.PROTOCOL ?? 'http'
diff --git a/api/src/routes/api/auth.ts b/api/src/routes/api/auth.ts
index ab45b55..08664cb 100644
--- a/api/src/routes/api/auth.ts
+++ b/api/src/routes/api/auth.ts
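Review bot: The new `Client.findOne({ clientId })` runs before anything confirms that `clientId` is present; `data` is typed `any`, and depending on how the query layer and driver serialise an `undefined` filter value (dropped from the filter, or sent as `null`), `findOne({ clientId: undefined })` can match a client record that has no clientId or, worse, an arbitrary one. The route's `authorizeValidation` presumably rejects a missing clientId today, but this method is now the only place the client is verified and should not depend on that: add `if (!clientId) throw new Error('Invalid clientId.')` before the lookup. The lookup also only proves the client exists; whether a caller must prove it owns the client (the spec seeds a `clientSecret`) is not decided here, and a one-line comment on `authorize` stating the intended model would help the next reader. The body of `authorize` continues outside the hunk.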
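Review bot: The switch from `??` to `||` on the `cors:` line changes which env values count as unset: an empty `CORS=` now falls through to the mode-based default, while the neighbouring `mode` and `protocol` fields only substitute for null/undefined, so the difference reads as accidental unless it is documented. If it is deliberate, a comment keeps it from being "fixed" back: `// '||' on purpose: an empty CORS env var should fall back to the mode default`. The value is otherwise passed straight through, so any CORS setting other than 'enable'/'disable' is reported to the caller as-is; whether consumers tolerate that cannot be seen from this diff. The enclosing method and the `response` literal continue outside the hunk.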
@@ -1,44 +1,22 @@
 import express from 'express'
 import { AuthController } from '../../controllers/'
-import Client from '../../model/Client'
 import {
 authenticateAccessToken,
 authenticateRefreshToken
 } from '../../middlewares'
-import {
- authorizeValidation,
- getDesktopFields,
- tokenValidation
-} from '../../utils'
+import { authorizeValidation, tokenValidation } from '../../utils'
 import { InfoJWT } from '../../types'
 const authRouter = express.Router()
-
-const clientIDs = new Set()
-
-export const populateClients = async () => {
- const result = await Client.find()
- clientIDs.clear()
- result.forEach((r) => {
- clientIDs.add(r.clientId)
- })
-}
+const controller = new AuthController()
 authRouter.post('/authorize', async (req, res) => {
 const { error, value: body } = authorizeValidation(req.body)
 if (error) return res.status(400).send(error.details[0].message)
- const { clientId } = body
-
- // Verify client ID
- if (!clientIDs.has(clientId)) {
- return res.status(403).send('Invalid clientId.')
- }
-
- const controller = new AuthController()
 try {
 const response = await controller.authorize(body)
@@ -52,7 +30,6 @@ authRouter.post('/token', async (req, res) => {
 const { error, value: body } = tokenValidation(req.body)
 if (error) return res.status(400).send(error.details[0].message)
- const controller = new AuthController()
 try {
 const response = await controller.token(body)
 const { accessToken } = response
@@ -66,7 +43,6 @@ authRouter.post('/token', async (req, res) => {
 authRouter.post('/refresh', authenticateRefreshToken, async (req: any, res) => {
 const userInfo: InfoJWT = req.user
- const controller = new AuthController()
 try {
 const response = await controller.refresh(userInfo)
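Review bot: Removing the `res.status(403).send('Invalid clientId.')` branch moves the client check behind `controller.authorize`, so the `catch` that follows (outside the hunk) now has to turn a thrown `Error` into a 403, and the updated spec expecting `'Error: Invalid clientId.'` indicates it does so by stringifying whatever was thrown. That ties the HTTP contract to `Error.prototype.toString` and echoes every failure inside `authorize` (lookup errors included) to the caller under the same status; a dedicated error class thrown by the controller and mapped in the catch, e.g. `if (e instanceof InvalidClientError) return res.status(403).send('Invalid clientId.')` with a fixed generic message for everything else, keeps the previous response (`InvalidClientError` is a suggested name, not one in the tree). The same stringified message is asserted in the last hunk of `auth.spec.ts`, which would then revert to its earlier expectation. `controller` is now a single module-level instance shared by every handler in this file, which is fine while `AuthController` keeps no per-request state, something this diff cannot confirm.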
@@ -79,7 +55,6 @@ authRouter.post('/refresh', authenticateRefreshToken, async (req: any, res) => {
 authRouter.delete('/logout', authenticateAccessToken, async (req: any, res) => {
 const userInfo: InfoJWT = req.user
- const controller = new AuthController()
 try {
 await controller.logout(userInfo)
 } catch (e) {}
diff --git a/api/src/routes/api/spec/auth.spec.ts b/api/src/routes/api/spec/auth.spec.ts
index 2377809..4a0014d 100644
--- a/api/src/routes/api/spec/auth.spec.ts
+++ b/api/src/routes/api/spec/auth.spec.ts
@@ -8,7 +8,6 @@ import {
 ClientController,
 AuthController
 } from '../../../controllers/'
-import { populateClients } from '../auth'
 import { InfoJWT } from '../../../types'
 import {
 generateAccessToken,
@@ -42,7 +41,6 @@ describe('auth', () => {
 mongoServer = await MongoMemoryServer.create()
 con = await mongoose.connect(mongoServer.getUri())
 await clientController.createClient({ clientId, clientSecret })
- await populateClients()
 })
 afterAll(async () => {
@@ -154,7 +152,7 @@ describe('auth', () => {
 })
 .expect(403)
- expect(res.text).toEqual('Invalid clientId.')
+ expect(res.text).toEqual('Error: Invalid clientId.')
 expect(res.body).toEqual({})
 })
 })
diff --git a/api/src/utils/connectDB.ts b/api/src/utils/connectDB.ts
index a751b16..0fea107 100644
--- a/api/src/utils/connectDB.ts
+++ b/api/src/utils/connectDB.ts
@@ -1,5 +1,4 @@
 import mongoose from 'mongoose'
-import { populateClients } from '../routes/api/auth'
 import { seedDB } from './seedDB'
 export const connectDB = async () => {
@@ -22,7 +21,5 @@ export const connectDB = async () => {
 console.log('Connected to db!')
 await seedDB()
-
- await populateClients()
 })
 }