diff --git a/app/controllers/api/v1/registrant/auth_controller.rb b/app/controllers/api/v1/registrant/auth_controller.rb
index 36bf750a8..bfd99baad 100644
--- a/app/controllers/api/v1/registrant/auth_controller.rb
+++ b/app/controllers/api/v1/registrant/auth_controller.rb
@@ -5,21 +5,30 @@ module Api
 module V1
 module Registrant
 class AuthController < ActionController::API
+ rescue_from(ActionController::ParameterMissing) do |parameter_missing_exception|
+ error = {}
+ error[parameter_missing_exception.param] = ['parameter is required']
+ response = { errors: [error] }
+ render json: response, status: :unprocessable_entity
+ end
+
 def eid
- login_params = set_eid_params
+ user = RegistrantUser.find_or_create_by_api_data(eid_params)
+ token = create_token(user)
- user = RegistrantUser.find_or_create_by_api_data(login_params)
-
- unless user.valid?
- render json: user.errors, status: :bad_request
- else
- token = create_token(user)
+ if token
 render json: token
+ else
+ render json: { error: 'Cannot create generate session token'}
 end
 end
- def set_eid_params
- params.permit(:ident, :first_name, :last_name)
+ private
+
+ def eid_params
+ [:ident, :first_name, :last_name].each_with_object(params) do |key, obj|
+ obj.require(key)
+ end
 end
 def create_token(user)
diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb
index 8f742a361..db851eb6a 100644
--- a/app/models/registrant_user.rb
+++ b/app/models/registrant_user.rb
@@ -53,10 +53,14 @@ class RegistrantUser < User
 end
 def find_or_create_by_api_data(api_data = {})
+ return false unless api_data[:ident]
+ return false unless api_data[:first_name]
+ return false unless api_data[:last_name]
+
 estonian_ident = "EE-#{api_data[:ident]}"
 user = find_or_create_by(registrant_ident: estonian_ident)
- user.username = "#{api_data[:first_name]}, #{api_data[:last_name]}"
+ user.username = "#{api_data[:first_name]} #{api_data[:last_name]}"
 user.save
 user
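Review bot: In `eid` (auth_controller.rb) the result of `find_or_create_by_api_data` now goes straight into `create_token(user)`: the old `user.valid?` guard is removed and the model hunk makes the finder return `false` on missing data, so whether an invalid or absent user can still receive a token depends entirely on `create_token`, whose body is outside this hunk. I would keep an explicit guard before the token is built, for example `return render(json: { errors: ['invalid user'] }, status: :bad_request) unless user && user.valid?`. The failure branch also renders with the default 200 status and the message reads 'Cannot create generate session token'; an explicit error status and a corrected message would keep API clients from treating it as success. Finally, `eid_params` returns the whole `params` object (that is what `each_with_object(params)` hands back), so the allow-listing that `params.permit(:ident, :first_name, :last_name)` provided is gone; calling `params.permit(:ident, :first_name, :last_name)` after the `require` checks would restore it.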
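Review bot: The three new guards in `find_or_create_by_api_data` (registrant_user.rb) only test for a non-nil value, so an empty string, or any non-string value a caller manages to pass, is still interpolated into `registrant_ident` and used to find or create the account. Since this identifier decides which registrant the session belongs to, I would reject blank values with `return false if api_data[:ident].blank?` (and the same for the two names) and check the identifier's format before the lookup. The result of `user.save` is still ignored, so a record that failed validation is returned as if it had been saved; `return false unless user.save` would make that failure visible to the caller. The method's closing `end` is outside the hunk.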
diff --git a/test/system/api/registrant/registrant_api_authentication_test.rb b/test/system/api/registrant/registrant_api_authentication_test.rb
index 6789b3d5d..82b5f48fd 100644
--- a/test/system/api/registrant/registrant_api_authentication_test.rb
+++ b/test/system/api/registrant/registrant_api_authentication_test.rb
@@ -28,6 +28,17 @@ class RegistrantApiAuthenticationTest < ApplicationSystemTestCase
 end
 def test_request_returns_existing_user
+ assert_no_changes User.count do
+ post '/api/v1/registrant/auth/eid', @user_hash
+ end
+ end
+ def test_request_documented_parameters_are_required
+ params = { foo: :bar, test: :test }
+
+ post '/api/v1/registrant/auth/eid', params
+ json = JSON.parse(response.body, symbolize_names: true)
+ assert_equal({errors: [{ident: ['parameter is required']}]}, json)
+ assert_equal(422, response.status)
 end
 end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 56a4a7aeb..500861f75 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -11,7 +11,7 @@ require 'minitest/mock'
 require 'capybara/rails'
 require 'capybara/minitest'
 require 'webmock/minitest'
-require 'support/rails5_assertions' # Remove once upgraded to Rails 5
+require 'support/rails5_assetions' # Remove once upgraded to Rails 5
 require 'application_system_test_case'
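Review bot: `assert_no_changes User.count do` in `test_request_returns_existing_user` passes the already-evaluated count rather than an expression; if the backported helper follows the Rails implementation, which evaluates a string or callable before and after the block, the assertion compares a constant with itself and cannot fail. Something like `assert_no_changes -> { User.count } do` (or `assert_no_difference 'User.count' do`) would actually check that no user is created for an existing ident. The new required-parameter test also only exercises the first missing key (`ident`); cases for a missing `first_name` or `last_name` and for a blank `ident` would cover the rest of the authentication guard. The enclosing test class starts outside the hunk.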