diff --git a/data/web/json_api.php b/data/web/json_api.php
index 48670289..2b257119 100644
--- a/data/web/json_api.php
+++ b/data/web/json_api.php
@@ -448,13 +448,16 @@ if (isset($_GET['query'])) {
 break;
 case "fido2-get-args":
 header('Content-Type: application/json');
- // Login without username, no ids!
- // $ids = fido2(array("action" => "get_all_cids"));
- // if (count($ids) == 0) {
- // return;
- // }
- $ids = NULL;
- $getArgs = $WebAuthn->getGetArgs($ids, 30, true, true, true, true, $GLOBALS['FIDO2_UV_FLAG_LOGIN']);
+ // fetch allowed credentialIds
+ $cids = fido2(array("action" => "get_all_cids"));
+ if (count($cids) == 0) {
+ print(json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot find matching credentialIds'
+ )));
+ }
+
+ $getArgs = $WebAuthn->getGetArgs($cids, 30, true, true, true, true, $GLOBALS['FIDO2_UV_FLAG_LOGIN']);
 print(json_encode($getArgs));
 $_SESSION['challenge'] = $WebAuthn->getChallenge();
 return;
@@ -486,6 +489,12 @@ if (isset($_GET['query'])) {
 while($row = array_shift($rows)) {
 $cids[] = base64_decode($row['keyHandle']);
 }
+ if (count($cids) == 0) {
+ print(json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot find matching credentialIds'
+ )));
+ }
 $getArgs = $WebAuthn->getGetArgs($cids, 30, true, true, true, true, $GLOBALS['WEBAUTHN_UV_FLAG_LOGIN']);
 $getArgs->publicKey->extensions = array('appid' => "https://".$getArgs->publicKey->rpId);
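Review bot: Neither new `if (count($cids) == 0)` block stops the request after printing the error object, so execution falls through to `getGetArgs()` with an empty list, a second JSON document is printed into the same response, and in the `fido2-get-args` case a challenge is still stored in the session. Add `return;` directly after the `print(json_encode(array(...)));` in both places, here and in the second hunk starting at new line 489, so the client receives exactly one parseable body. Separately, `fido2(array("action" => "get_all_cids"))` appears to return every registered credential id, and the removed comment describes this case as the login-without-username path; if that call is reachable before authentication, the response would hand the full credential-id list to any caller, so it is worth confirming that the list is scoped or that exposing it is acceptable. The enclosing `switch` and the second case's body start and end outside these hunks.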