diff --git a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java
index 75ad0faeb..8501b12b9 100644
--- a/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java
+++ b/pic-sure-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java
@@ -55,6 +55,8 @@ public Response authenticate(UriInfo uriInfo, Map authRequest) {
 return PICSUREResponse.error("Failed to introspect access token.");
 }
 
+ logger.info("Introspection Token: " + introspectResponse);
+
 User user = initializeUser(introspectResponse);
 if (user == null) {
 logger.info("LOGIN FAILED ___ USER NOT FOUND ___ " + userToken.get("email").asText() + ":" + userToken.get("sub").asText() + " ___");
@@ -72,6 +74,12 @@ public Response authenticate(UriInfo uriInfo, Map authRequest) {
 }
 
 private User initializeUser(JsonNode introspectResponse) {
+ boolean isActive = introspectResponse.get("active").asBoolean();
+ if (!isActive) {
+ logger.info("LOGIN FAILED ___ USER IS NOT ACTIVE ___ ");
+ return null;
+ }
+
 User user = loadUser(introspectResponse);
 clearCache(user);
 user = addUserRoles(user);
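Review bot: The added `logger.info("Introspection Token: " + introspectResponse)` writes the entire introspection response to the INFO log on every login attempt. That response presumably carries identity claims (the neighbouring code reads `email` and `sub` from token data), so subject identifiers, scopes and expiry would land in log storage that usually has a wider audience and longer retention than the auth service itself. Log at debug level and only the field needed for triage, for example `logger.debug("Introspection result active=" + introspectResponse.path("active").asBoolean());`. The body of authenticate starts and ends outside the hunk.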
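Review bot: `introspectResponse.get("active").asBoolean()` throws a NullPointerException when the response has no `active` field, so an error-shaped introspection reply surfaces as an unhandled exception rather than a rejected login. Assuming this is Jackson's JsonNode, `asBoolean()` also coerces non-boolean values such as the string "true"; a fail-closed check would be `JsonNode active = introspectResponse.path("active");` followed by `if (!active.isBoolean() || !active.booleanValue()) {`. Returning null for an inactive token also sends the caller in authenticate down its "USER NOT FOUND" branch, which misattributes the failure in the audit trail; a distinct message there, with the subject identifier, would keep inactive-token rejections searchable. initializeUser continues past the end of the hunk.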