diff --git a/src/mcp/server/auth/middleware/bearer_auth.py b/src/mcp/server/auth/middleware/bearer_auth.py
index 295605af7..a16ed3f63 100644
--- a/src/mcp/server/auth/middleware/bearer_auth.py
+++ b/src/mcp/server/auth/middleware/bearer_auth.py
@@ -74,7 +74,7 @@ def __init__(self, app: Any, required_scopes: list[str]):
 async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
 auth_user = scope.get("user")
- if not isinstance(auth_user, AuthenticatedUser):
+ if not isinstance(auth_user, AuthenticatedUser) and self.required_scopes:
 raise HTTPException(status_code=401, detail="Unauthorized")
 auth_credentials = scope.get("auth")
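Review bot: The added `and self.required_scopes` makes the guard in `__call__` fail open: when `required_scopes` is an empty list, a request with no `AuthenticatedUser` no longer gets the 401 and continues to `auth_credentials = scope.get("auth")` and whatever follows outside the hunk. An empty scope list normally reads as "any authenticated caller", not "no authentication", so a route wrapped in this middleware with `[]` (or with a configuration default that resolves to `[]`, if that is how callers build it) silently becomes anonymous. I would keep `if not isinstance(auth_user, AuthenticatedUser):` unconditional and, if anonymous access is really intended, make it an explicit opt-in at construction time or leave the route unwrapped. The rest of `__call__` is not visible here, so whether later code tolerates a missing user cannot be checked from this hunk; a test asserting a 401 for an unauthenticated request with empty `required_scopes` would pin the intended behaviour.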