diff --git a/packages/@jsonql/koa/package.json b/packages/@jsonql/koa/package.json
index d5556857f73e0a7ced4ce13529ad6a538cb3fd66..a683b5e3e6456c9afd2bd1c6f3b9a87bdf70391d 100644
--- a/packages/@jsonql/koa/package.json
+++ b/packages/@jsonql/koa/package.json
@@ -53,7 +53,7 @@
     "debug": "^4.1.1",
     "fs-extra": "^8.1.0",
     "jsonql-constants": "^1.8.10",
-    "jsonql-koa": "^1.4.7",
+    "jsonql-koa": "^1.4.9",
     "jsonql-params-validator": "^1.4.11",
     "koa": "^2.11.0",
     "koa-bodyparser": "^4.2.1",
diff --git a/packages/@jsonql/koa/src/index.js b/packages/@jsonql/koa/src/index.js
index 62f6e3b6d204d3514647da39928e5b9b03b8c839..64d2cd05339eb26d3c44ba1f67e4d4e7f0d8436e 100644
--- a/packages/@jsonql/koa/src/index.js
+++ b/packages/@jsonql/koa/src/index.js
@@ -3,8 +3,8 @@ const http = require('http')
 const Koa = require('koa')
 const bodyparser = require('koa-bodyparser')
 const cors = require('koa-cors')
-/* require('../../../koa/main') */
-const { jsonqlKoa } = require('jsonql-koa')
+const { jsonqlKoa } = require('../../../koa/main') 
+/* const { jsonqlKoa } = require('jsonql-koa') */
 const { getSocketServer } = require('./get-socket-server')
 
 /**
diff --git a/packages/koa/main.js b/packages/koa/main.js
index 188245a229d0ee6d6c685eaed77232af23df0cc9..c89ffeb8dccec79cba0564ae73ef2208f9453c2f 100644
--- a/packages/koa/main.js
+++ b/packages/koa/main.js
@@ -1,3 +1,6 @@
-// export for CJS modules using esm modules
+// export for CJS modules using esm module
+// @TODO remove later
+require('debug')('jsonql-koa:main')('calling the jsonql-koa/main')
+// run the esm
 require = require('esm')(module)
 module.exports = require('./index.js')
diff --git a/packages/koa/package.json b/packages/koa/package.json
index a91956edf1f305e60c6abbc96d010d7a20c45305..652d52acf4129be5ec6373e4a7696b56b33fc849 100644
--- a/packages/koa/package.json
+++ b/packages/koa/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jsonql-koa",
-  "version": "1.4.9",
+  "version": "1.4.10",
   "description": "jsonql Koa middleware",
   "main": "main.js",
   "module": "index.js",
diff --git a/packages/koa/src/middlewares/auth-middleware.js b/packages/koa/src/middlewares/auth-middleware.js
index c3d729272b6cc7eebb4b2de7ba97d03635aa9273..690b968140934b850de2fbd240694baf1e54414d 100644
--- a/packages/koa/src/middlewares/auth-middleware.js
+++ b/packages/koa/src/middlewares/auth-middleware.js
@@ -32,6 +32,7 @@ export default function authMiddleware(config) {
         const token = authHeaderParser(ctx)
         if (token) {
           debug('got a token', token)
+          // @BUG 1.4.9 this still throw the error when it shouldn't have
           let validatorFn = getValidator(config , AUTH_TYPE, contract)
           let userdata = await validatorFn(token)
           debug('validatorFn result', userdata)
diff --git a/packages/koa/src/utils/auth-middleware-helpers.js b/packages/koa/src/utils/auth-middleware-helpers.js
index e72141363dd9ddcc13665528a728304ff162f53c..5793943e4e76ba5cabe3a7b8fa0a565fa7d19219 100644
--- a/packages/koa/src/utils/auth-middleware-helpers.js
+++ b/packages/koa/src/utils/auth-middleware-helpers.js
@@ -89,11 +89,10 @@ export const getValidator = (config, type, contract) => {
   try {
     localValidator = getLocalValidator(config, type, contract)
   } catch(e) {
-    debug('localValidator throw error', e)
+    // debug('localValidator throw error', e)
     const checkErr = e instanceof JsonqlResolverNotFoundError
-    // debug('checkErr', checkErr)
-    // we ignore this error becasue they might not have one?
     if (!checkErr) {
+      debug(`Not the JsonqlResolverNotFoundError?`, e)
       return finalCatch(e)
     }
   }
diff --git a/packages/koa/tests/fixtures/slim/auth/login.js b/packages/koa/tests/fixtures/slim/auth/login.js
new file mode 100644
index 0000000000000000000000000000000000000000..349b082822f5542a942eaf464bf965cbf453adde
--- /dev/null
+++ b/packages/koa/tests/fixtures/slim/auth/login.js
@@ -0,0 +1,8 @@
+/**
+ * super simple login api
+ * @param {string} name just pass a name
+ * @return {object} just an object
+ */
+module.exports = function login(name) {
+  return {name, timestamp: Date.now()}
+}
diff --git a/packages/koa/tests/without-validator.test.js b/packages/koa/tests/without-validator.test.js
new file mode 100644
index 0000000000000000000000000000000000000000..9f543812c5401280a73a28ecfd2fe3901da5f572
--- /dev/null
+++ b/packages/koa/tests/without-validator.test.js
@@ -0,0 +1,25 @@
+// testing enableAuth without a custom validator
+const test = require('ava')
+const debug = require('debug')('jsonql-koa:test:without-validator')
+const { createQuery } = require('jsonql-utils')
+const fsx = require('fs-extra')
+const { merge } = require('lodash')
+// const jsonqlMiddleware = require(join(__dirname, '..', 'index'))
+const { type, headers, dirs, bearer, contractKeyName } = require('./fixtures/options')
+const createServer = require('./helpers/server')
+const dir = 'without';
+const keysDir = join(join(dirs.contractDir, 'without-validator-keys'))
+
+test.before((t) => {
+  t.context.app = createServer({
+    useJwt: true,
+    enableAuth: true
+  }, dir)
+})
+
+test.after(t => {
+  fsx.removeSync(keysDir)
+  fsx.removeSync(join(dirs.contractDir, dir))
+})
+
+test.todo(`It should able to use the build-in jwt validator without a custom one`)