diff --git a/pwd/session.go b/pwd/session.go
index 2083add..a68b5b9 100644
--- a/pwd/session.go
+++ b/pwd/session.go
@@ -61,10 +61,14 @@ type SessionSetupInstanceConf struct {
 func (p *pwd) SessionNew(ctx context.Context, config types.SessionConfig) (*types.Session, error) {
 	defer observeAction("SessionNew", time.Now())
 
-	if _, err := p.UserGet(config.UserId); errors.Is(err, userBannedError) {
-		return nil, &AccessDeniedError{err}
-	} else if err != nil {
-		return nil, err
+	// Annonymous users should be also allowed to login
+	if config.UserId != "" {
+		if _, err := p.UserGet(config.UserId); errors.Is(err, userBannedError) {
+
+			return nil, &AccessDeniedError{err}
+		} else if err != nil {
+			return nil, err
+		}
 	}
 
 	s := &types.Session{}