diff --git a/pages/api/auth/[...nextauth].ts b/pages/api/auth/[...nextauth].ts
index ce10224e8..ee9cb6928 100644
--- a/pages/api/auth/[...nextauth].ts
+++ b/pages/api/auth/[...nextauth].ts
@@ -100,6 +100,15 @@ export const authOptions: NextAuthOptions = {
 checks: ['state', 'nonce'],
 profile: async (profile) => {
 profile = await decryptJwe(profile.userinfo_token, jwk)
+
+ //Validate SIN and UID to ensure they are not null and are alphanumeric
+ const sinRegex = /^[a-zA-Z0-9]+$/
+ if (profile.sin === null || !sinRegex.test(profile.sin)) {
+ logger.error('SIN is not valid')
+ } else if (profile.uid === null || !sinRegex.test(profile.uid)) {
+ logger.error('UID is not valid')
+ }
+
 //Make call to msca-ng API to create user if it doesn't exist
 axios
 .post(
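Review bot: The new SIN/UID check in the `profile` callback only logs; on a failed match execution still falls through to the msca-ng `axios.post` below, so a token with a malformed identifier is handled exactly like a valid one. The guard is also looser than its comment says: `=== null` does not cover a missing claim, and `RegExp.prototype.test` coerces its argument to a string, so `undefined` is tested as "undefined" and passes the alphanumeric pattern. I would check the type first, `if (typeof profile.sin !== 'string' || !sinRegex.test(profile.sin)) {` (same for `profile.uid`), and add `throw new Error('SIN is not valid')` after each `logger.error` so the sign-in is refused rather than continued. The callback body continues past the end of the hunk, so whether the profile is rejected later on is not visible here.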