diff --git a/src/App.vue b/src/App.vue
index 4a90382b41..60faeefe24 100644
--- a/src/App.vue
+++ b/src/App.vue
@@ -1128,7 +1128,10 @@ export default {
 				// in case of a redirect (302) trigger a page reload
 				// needed to fix external auth issues #3427
 				const statusCode = error.response?.status
-				if ([302, 401].includes(statusCode)) {
+				if (
+					[302, 401].includes(statusCode) ||
+					error.response?.type === 'opaqueredirect'
+				) {
 					// reload current page, be sure this doesn't hits cache, add a random query param
 					location.search = `?auth=${uuid()}`
 					return
diff --git a/src/apis/ConfigApis.js b/src/apis/ConfigApis.js
index 1d830b7f14..ecade4e775 100644
--- a/src/apis/ConfigApis.js
+++ b/src/apis/ConfigApis.js
@@ -53,8 +53,29 @@ export default {
 		return request.get('/logout')
 	},
 	async isAuthEnabled() {
-		const response = await request.get('/auth-enabled')
-		return response.data
+		// use fetch instead of axios here in order to catch
+		// redirects and fix external auth:
+		// https://github.com/zwave-js/zwave-js-ui/issues/3427
+		// const response = await request.get('/auth-enabled')
+		// return response.data
+
+		const response = await fetch('/api/auth-enabled', {
+			credentials: 'include',
+			redirect: 'manual',
+			headers: {
+				Accept: 'application/json',
+			},
+		})
+		if (response.type === 'opaqueredirect') {
+			throw new axios.AxiosError(
+				'Caught redirect for auth-enabled, rethrowing',
+				response.status,
+				response.config,
+				response.request,
+				response,
+			)
+		}
+		return await response.json()
 	},
 	// ---- USER ------
 	async updatePassword(data) {