diff --git a/api/services/account_service.py b/api/services/account_service.py
index 6257f1d3c9..57eabd5b6a 100644
--- a/api/services/account_service.py
+++ b/api/services/account_service.py
@@ -322,9 +322,6 @@ class AccountService:
 
     @staticmethod
     def refresh_token(refresh_token: str) -> TokenPair:
-        if not AccountService.verify_account_whitelist(refresh_token):
-            raise ValueError("Account is not whitelisted")
-
         # Verify the refresh token
         account_id = redis_client.get(AccountService._get_refresh_token_key(refresh_token))
         if not account_id:
@@ -334,6 +331,9 @@ class AccountService:
         if not account:
             raise ValueError("Invalid account")
 
+        if not AccountService.verify_account_whitelist(account.email):
+            raise ValueError("Account is not whitelisted")
+
         # Generate new access token and refresh token
         new_access_token = AccountService.get_account_jwt_token(account)
         new_refresh_token = _generate_refresh_token()