diff --git a/classes/Rest/Controllers/BaseControllerProvider.php b/classes/Rest/Controllers/BaseControllerProvider.php
index 55b50dfbb7..080d6585e7 100644
--- a/classes/Rest/Controllers/BaseControllerProvider.php
+++ b/classes/Rest/Controllers/BaseControllerProvider.php
@@ -170,8 +170,6 @@ public function setupAssertions(Application $app, ControllerCollection $controll
      * @param Application $app that will be used to facilitate returning a
      *                         json response if information is found to be
      *                         missing.
-     * @return \Symfony\Component\HttpFoundation\JsonResponse if and only if
-     *                         the user is missing a token or an ip.
      *
      * @throws Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
      */
@@ -744,7 +742,6 @@ protected function getTimestamp($date, $paramName = 'date', $format = 'Y-m-d')
 
     /**
      * @param Request $request
-     * @return \XDUser
      * @throws BadRequestHttpException if the provided token is empty, or there is not a provided token.
      * @throws \Exception if the user's token from the db does not validate against the provided token.
      */
@@ -778,6 +775,7 @@ protected function authenticateToken($request)
         $userId = substr($rawToken, 0, $delimPosition);
         $token = substr($rawToken, $delimPosition + 1);
 
-        return Tokens::authenticate($userId, $token);
+        $user = Tokens::authenticate($userId, $token);
+        $request->attributes->set(BaseControllerProvider::_USER, $user);
     }
 }
diff --git a/classes/Rest/Controllers/WarehouseControllerProvider.php b/classes/Rest/Controllers/WarehouseControllerProvider.php
index c1ac8d4c64..7d58c15db7 100644
--- a/classes/Rest/Controllers/WarehouseControllerProvider.php
+++ b/classes/Rest/Controllers/WarehouseControllerProvider.php
@@ -2140,7 +2140,8 @@ private function getUserStore(\XDUser $user, $realm)
      */
     public function getRawData(Request $request, Application $app)
     {
-        $user = parent::authenticateToken($request);
+        parent::authenticateToken($request);
+        $user = parent::getUserFromRequest($request);
         $params = $this->validateRawDataParams($request, $user);
         $query = $this->getRawDataQuery($params);
         $logger = $this->getRawDataLogger();
diff --git a/classes/Rest/Controllers/WarehouseExportControllerProvider.php b/classes/Rest/Controllers/WarehouseExportControllerProvider.php
index c0c7ec54fd..02098d446e 100644
--- a/classes/Rest/Controllers/WarehouseExportControllerProvider.php
+++ b/classes/Rest/Controllers/WarehouseExportControllerProvider.php
@@ -101,10 +101,7 @@ public function getRealms(Request $request, Application $app)
             // NOOP
         }
 
-        if ($user === null) {
-            $user = $this->authorize($request);
-        }
-
+        $user = $this->authorize($request);
 
         $config = RawStatisticsConfiguration::factory();