diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/jwt/JWTValidationServiceImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/jwt/JWTValidationServiceImpl.java
index 52eecbb825c8..6d094179d104 100644
--- a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/jwt/JWTValidationServiceImpl.java
+++ b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/jwt/JWTValidationServiceImpl.java
@@ -71,13 +71,15 @@ public String getKeyManagerNameIfJwtValidatorExist(SignedJWTInfo signedJWTInfo)
         String issuer = signedJWTInfo.getJwtClaimsSet().getIssuer();
         List<KeyManagerDto> keyManagerDtoList = KeyManagerHolder.getKeyManagerByIssuer(tenantDomain, issuer);
         KeyManagerDto keyManagerDto = null;
-        if (keyManagerDtoList.size() == 1) { // only one keymanager. no need to check if it can handle token
-            keyManagerDto = keyManagerDtoList.get(0);
-        } else {
-            for (KeyManagerDto kmrDto : keyManagerDtoList) {
-                if (kmrDto.getKeyManager().canHandleToken(signedJWTInfo.getToken())) {
-                    keyManagerDto = kmrDto;
-                    break;
+        if (keyManagerDtoList != null) {
+            if (keyManagerDtoList.size() == 1) { // only one keymanager. no need to check if it can handle token
+                keyManagerDto = keyManagerDtoList.get(0);
+            } else {
+                for (KeyManagerDto kmrDto : keyManagerDtoList) {
+                    if (kmrDto.getKeyManager().canHandleToken(signedJWTInfo.getToken())) {
+                        keyManagerDto = kmrDto;
+                        break;
+                    }
                 }
             }
         }