diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java
index 91a7d6171..995c04872 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java
@@ -11,6 +11,7 @@ import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount;
 import org.whispersystems.textsecuregcm.entities.CreateCallLinkCredential;
 import org.whispersystems.textsecuregcm.entities.GetCreateCallLinkCredentialsRequest;
 import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import javax.validation.Valid;
 import javax.validation.constraints.NotNull;
 import javax.ws.rs.BadRequestException;
 import javax.ws.rs.POST;
@@ -52,7 +53,7 @@ public class CallLinkController {
 @ApiResponse(responseCode = "429", description = "Ratelimited.")
 public CreateCallLinkCredential getCreateAuth(
 final @Auth AuthenticatedAccount auth,
- final @NotNull GetCreateCallLinkCredentialsRequest request
+ final @NotNull @Valid GetCreateCallLinkCredentialsRequest request
 ) throws RateLimitExceededException {
 rateLimiters.getCreateCallLinkLimiter().validate(auth.getAccount().getUuid());
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/entities/GetCreateCallLinkCredentialsRequest.java b/service/src/main/java/org/whispersystems/textsecuregcm/entities/GetCreateCallLinkCredentialsRequest.java
index 3da4adfb2..f3665f49a 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/GetCreateCallLinkCredentialsRequest.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/GetCreateCallLinkCredentialsRequest.java
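Review bot: The OpenAPI annotations on `getCreateAuth` should document the 422 that bean validation now returns for a missing or empty `createCallLinkCredentialRequest`; the only response annotation visible in this hunk is the 429 one. If the annotations above the hunk do not already cover it, add `@ApiResponse(responseCode = "422", description = "Invalid request format.")` next to it, so that clients see the same contract the new tests assert. Since `@Valid` is what activates the constraint on the record component, a short comment saying so on the parameter would help stop a later cleanup from dropping it. The method body and the remaining annotations lie outside the hunk.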
@@ -1,5 +1,6 @@
 package org.whispersystems.textsecuregcm.entities;
-import javax.validation.constraints.NotNull;
+import javax.validation.constraints.NotEmpty;
-public record GetCreateCallLinkCredentialsRequest(@NotNull byte[] createCallLinkCredentialRequest) {}
+
+public record GetCreateCallLinkCredentialsRequest(@NotEmpty byte[] createCallLinkCredentialRequest) {}
diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CallLinkControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CallLinkControllerTest.java
index 64ed4fa55..4cec6a1ed 100644
--- a/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CallLinkControllerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CallLinkControllerTest.java
@@ -100,6 +100,28 @@ public class CallLinkControllerTest {
 }
 }
+ @Test
+ void testGetCreateAuthInvalidInputEmptyRequestBody() {
+ try (Response response = resources.getJerseyTest()
+ .target("/v1/call-link/create-auth")
+ .request()
+ .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
+ .post(Entity.json("{}"))) {
+ assertThat(response.getStatus()).isEqualTo(422);
+ }
+ }
+
+ @Test
+ void testGetCreateAuthInvalidInputEmptyField() {
+ try (Response response = resources.getJerseyTest()
+ .target("/v1/call-link/create-auth")
+ .request()
+ .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
+ .post(Entity.json("{\"createCallLinkCredentialRequest\": \"\"}"))) {
+ assertThat(response.getStatus()).isEqualTo(422);
+ }
+ }
+
 @Test
 void testGetCreateAuthRatelimited() throws RateLimitExceededException{
 doThrow(new RateLimitExceededException(null, false))
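Review bot: `@NotEmpty` on `createCallLinkCredentialRequest` sets only a lower bound, so an arbitrarily long byte array still passes validation and reaches whatever parses it in `getCreateAuth` (that code is not visible in this diff). If a serialized credential request has a known length or a sensible ceiling, bound it here as well, e.g. `@NotEmpty @Size(max = MAX_REQUEST_BYTES) byte[] createCallLinkCredentialRequest` with `javax.validation.constraints.Size` imported. `MAX_REQUEST_BYTES` is a placeholder for a constant the project would have to define. The second blank line this hunk adds before the record looks unintentional.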
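Review bot: The two new tests in `CallLinkControllerTest` are identical apart from the JSON body, so they would read better as one parameterized test. Replace `@Test` with `@ParameterizedTest` and `@ValueSource(strings = {"{}", "{\"createCallLinkCredentialRequest\": \"\"}"})`, and pass a `final String body` parameter to `Entity.json(body)`. That keeps the 422 assertion in one place and makes it cheap to add further malformed bodies later, for instance a field value that does not decode to bytes, once their expected status is decided. This assumes junit-jupiter-params is available to the test module; the file's imports are outside the hunk.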