diff --git a/src/Nullinside.Api.TwitchBot/Controllers/BotController.cs b/src/Nullinside.Api.TwitchBot/Controllers/BotController.cs
index 66ed740..71db3f7 100644
--- a/src/Nullinside.Api.TwitchBot/Controllers/BotController.cs
+++ b/src/Nullinside.Api.TwitchBot/Controllers/BotController.cs
@@ -62,7 +62,7 @@ public BotController(INullinsideContext dbContext, IConfiguration configuration)
       return Unauthorized();
     }
 
-    User? user = _dbContext.Users.FirstOrDefault(u => u.Id == int.Parse(userId.Value));
+    User? user = _dbContext.Users.FirstOrDefault(u => u.Id == int.Parse(userId.Value) && !u.IsBanned);
     if (null == user || null == user.TwitchToken || null == user.TwitchRefreshToken ||
         null == user.TwitchTokenExpiration || null == user.TwitchId) {
       return Unauthorized();
@@ -90,7 +90,7 @@ public async Task<IActionResult> ModBotAccount([FromServices] ITwitchApiProxy ap
       return Unauthorized();
     }
 
-    User? user = _dbContext.Users.FirstOrDefault(u => u.Id == int.Parse(userId.Value));
+    User? user = _dbContext.Users.FirstOrDefault(u => u.Id == int.Parse(userId.Value) && !u.IsBanned);
     if (null == user || null == user.TwitchToken || null == user.TwitchRefreshToken ||
         null == user.TwitchTokenExpiration || null == user.TwitchId) {
       return Unauthorized();
@@ -114,7 +114,7 @@ public async Task<IActionResult> GetConfig(CancellationToken token) {
       return Unauthorized();
     }
 
-    User? user = await _dbContext.Users.FirstOrDefaultAsync(u => u.Id == int.Parse(userId.Value), token);
+    User? user = await _dbContext.Users.FirstOrDefaultAsync(u => u.Id == int.Parse(userId.Value) && !u.IsBanned, token);
     if (null == user) {
       return Unauthorized();
     }
diff --git a/src/Nullinside.Api.TwitchBot/Model/NullinsideContextExtensions.cs b/src/Nullinside.Api.TwitchBot/Model/NullinsideContextExtensions.cs
index 72977ff..3a628f2 100644
--- a/src/Nullinside.Api.TwitchBot/Model/NullinsideContextExtensions.cs
+++ b/src/Nullinside.Api.TwitchBot/Model/NullinsideContextExtensions.cs
@@ -121,7 +121,7 @@ public static void Configure(this ITwitchApiProxy api, User user) {
   /// <returns>The number of state entries written to the database.</returns>
   private static async Task<int> UpdateOAuthInDatabase(this INullinsideContext db, int userId,
     TwitchAccessToken oAuth, CancellationToken stoppingToken = new()) {
-    User? row = await db.Users.FirstOrDefaultAsync(u => u.Id == userId, stoppingToken);
+    User? row = await db.Users.FirstOrDefaultAsync(u => u.Id == userId && !u.IsBanned, stoppingToken);
     if (null == row) {
       return -1;
     }
diff --git a/src/nullinside-api b/src/nullinside-api
index 7c34d16..115c52f 160000
--- a/src/nullinside-api
+++ b/src/nullinside-api
@@ -1 +1 @@
-Subproject commit 7c34d165d63412142e7e31be40c9cbce3af24298
+Subproject commit 115c52f63b801355c9fdb0cd993eedea39839474