diff --git a/www/app/lib/AuthProvider.tsx b/www/app/lib/AuthProvider.tsx
index 67c440da..1a8ebea6 100644
--- a/www/app/lib/AuthProvider.tsx
+++ b/www/app/lib/AuthProvider.tsx
@@ -90,7 +90,11 @@ export function AuthProvider({ children }: { children: React.ReactNode }) {
   // not useEffect, we need it ASAP
   // apparently, still no guarantee this code runs before mutations are fired
   configureApiAuth(
-    contextValue.status === "authenticated" ? contextValue.accessToken : null,
+    contextValue.status === "authenticated"
+      ? contextValue.accessToken
+      : contextValue.status === "loading"
+        ? undefined
+        : null,
   );
 
   return (
diff --git a/www/app/lib/apiClient.tsx b/www/app/lib/apiClient.tsx
index 4bedaebe..4b4ca6a0 100644
--- a/www/app/lib/apiClient.tsx
+++ b/www/app/lib/apiClient.tsx
@@ -56,6 +56,8 @@ export const $api = createFetchClient<paths>(client);
 let currentAuthToken: string | null | undefined = undefined;
 
 // the function contract: lightweight, idempotent
-export const configureApiAuth = (token: string | null) => {
+export const configureApiAuth = (token: string | null | undefined) => {
+  // watch only for the initial loading; "reloading" state assumes token presence/absence
+  if (token === undefined && currentAuthToken !== undefined) return;
   currentAuthToken = token;
 };