diff --git a/ui/src/api/client.ts b/ui/src/api/client.ts
index 3e9d003c..63779088 100644
--- a/ui/src/api/client.ts
+++ b/ui/src/api/client.ts
@@ -1,15 +1,17 @@
 import createClient, { type Middleware } from 'openapi-fetch';
 import type { paths } from './schema';
 import { config } from '../config';
+import { useAuthStore } from '../auth/auth-store';
 
-let getAccessToken: () => string | null = () => null;
+let getAccessToken: () => string | null = () =>
+  useAuthStore.getState().accessToken;
 let onUnauthorized: () => void = () => {};
 
 export function configureAuth(opts: {
-  getAccessToken: () => string | null;
+  getAccessToken?: () => string | null;
   onUnauthorized: () => void;
 }) {
-  getAccessToken = opts.getAccessToken;
+  if (opts.getAccessToken) getAccessToken = opts.getAccessToken;
   onUnauthorized = opts.onUnauthorized;
 }
 
diff --git a/ui/src/auth/use-auth.ts b/ui/src/auth/use-auth.ts
index 90331bfd..3d60ae3d 100644
--- a/ui/src/auth/use-auth.ts
+++ b/ui/src/auth/use-auth.ts
@@ -7,10 +7,9 @@ export function useAuth() {
   const { accessToken, isAuthenticated, refresh, logout } = useAuthStore();
   const navigate = useNavigate();
 
-  // Wire API client to auth store
+  // Wire onUnauthorized handler (needs navigate from router context)
   useEffect(() => {
     configureAuth({
-      getAccessToken: () => useAuthStore.getState().accessToken,
       onUnauthorized: async () => {
         const ok = await useAuthStore.getState().refresh();
         if (!ok) {