diff --git a/CHANGELOG.md b/CHANGELOG.md
index cac331e..51304fa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@ Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) princip
 ## [Unreleased][unreleased]
 ### Fixed
 - Don't overwrite global preflight handler if it is set and enableGlobalPreflight is called without parameter
+- Input validation before authorization check in ApiPresenter (causes issues with some authorization handlers that need to check input params)
 ## 3.4.0
diff --git a/src/Presenters/ApiPresenter.php b/src/Presenters/ApiPresenter.php
index 53ea901..801da4e 100644
--- a/src/Presenters/ApiPresenter.php
+++ b/src/Presenters/ApiPresenter.php
@@ -85,19 +85,19 @@ public function run(Request $request): IResponse
 }
 $paramsProcessor = new ParamsProcessor($handler->params());
- if ($paramsProcessor->isError()) {
- $response = $this->errorHandler->handleInputParams($paramsProcessor->getErrors());
- $this->response->setCode($response->getCode());
- return $response;
- }
-
- $params = $paramsProcessor->getValues();
+ $params = $paramsProcessor->isError() ? [] : $paramsProcessor->getValues();
 $authResponse = $this->checkAuth($authorization, $params);
 if ($authResponse !== null) {
 return $authResponse;
 }
+ if ($paramsProcessor->isError()) {
+ $response = $this->errorHandler->handleInputParams($paramsProcessor->getErrors());
+ $this->response->setCode($response->getCode());
+ return $response;
+ }
+
 try {
 $response = $handler->handle($params);
 $code = $response->getCode();
@@ -145,7 +145,7 @@ private function getApi(Request $request): Api
 $request->getMethod() ?? '',
 $request->getParameter('version'),
 $request->getParameter('package'),
- $request->getParameter('apiAction')
+ $request->getParameter('apiAction'),
 );
 }
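Review bot: In run(), the new `$params = $paramsProcessor->isError() ? [] : $paramsProcessor->getValues();` line hands the authorization handler an empty array when validation fails, so the handler cannot tell "input was invalid" from "no parameters were sent", and nothing in the hunk documents that contract. A handler that reads a parameter to decide access has to deny when the key is missing; whether the existing handlers do so is not visible here and is worth confirming, ideally with a test that sends invalid input together with failing credentials. I would add above the line: `// Auth runs before input validation; on invalid input it receives [], so handlers must deny when a parameter they rely on is absent.` The reordering also means validation error details are now returned only after checkAuth passes, which looks intentional. run() starts and ends outside this hunk.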
@@ -216,10 +216,10 @@ private function logRequest(Request $request, ApiLoggerInterface $logger, int $c
 $code,
 $request->getMethod() ?? '',
 $requestHeaders,
- (string) filter_input(INPUT_SERVER, 'REQUEST_URI'),
+ (string)filter_input(INPUT_SERVER, 'REQUEST_URI'),
 $ipDetector->getRequestIp(),
- (string) filter_input(INPUT_SERVER, 'HTTP_USER_AGENT'),
- (int) ($elapsed * self::TO_SECONDS)
+ (string)filter_input(INPUT_SERVER, 'HTTP_USER_AGENT'),
+ (int)($elapsed * self::TO_SECONDS),
 );
 }