diff --git a/apps/scandic-web/middlewares/webView.ts b/apps/scandic-web/middlewares/webView.ts
index 1d898606a..e14ec5d4d 100644
--- a/apps/scandic-web/middlewares/webView.ts
+++ b/apps/scandic-web/middlewares/webView.ts
@@ -68,9 +68,17 @@ export const middleware: NextMiddleware = async (request) => {
 const authorizationToken = request.headers.get("X-Authorization")
 const webviewTokenCookie = request.cookies.get("webviewToken")
- if (webviewTokenCookie && webviewTokenCookie.value === authorizationToken) {
- // since the token exists, this is a subsequent visit
- // we're done, allow it
+ if (
+ (webviewTokenCookie && webviewTokenCookie.value === authorizationToken) ||
+ (webviewTokenCookie && !authorizationToken)
+ ) {
+ // If the webviewToken cookie is present and matches the authorization token,
+ // we can skip decryption and just rewrite the request with the existing cookie.
+ // OR
+ // If the webviewToken cookie is present but no authorization token is provided
+ // we can skip the decryption and see if our cookie is valid.
+ // This handles when the app is navigating between pages inside the webview
+
 return handleWebviewRewrite({
 nextUrl,
 headers,
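Review bot: The added `(webviewTokenCookie && !authorizationToken)` branch lets any request that carries a `webviewToken` cookie and no `X-Authorization` header skip decryption, and nothing visible in this hunk checks the cookie's value; the cookie object is truthy even when its value is an empty string. The new comment says the cookie's validity is checked afterwards, so that check presumably lives in `handleWebviewRewrite` or further downstream, and if it does not, this path should fail closed instead of rewriting. I would require a non-empty value and fold the repeated test: `const cookieToken = webviewTokenCookie?.value` followed by `if (cookieToken && (!authorizationToken || cookieToken === authorizationToken)) {`. The comment block could also name where the cookie is actually validated, e.g. `// cookie contents are verified in <validator>; an invalid cookie must not yield an authenticated rewrite`. The middleware body and the `handleWebviewRewrite` call continue outside the hunk, so the downstream validation cannot be confirmed from these lines.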