diff --git a/api/src/app/app.ts b/api/src/app/app.ts
index bdaee04..433b8a5 100644
--- a/api/src/app/app.ts
+++ b/api/src/app/app.ts
@@ -22,8 +22,8 @@ export async function app(fastify: FastifyInstance, opts: AppOptions) {
 });
 }
- // Log unauthorized access attempts
- if (error.statusCode === 401 || error.statusCode === 403) {
+ // Log unauthorized access attempts (exclude /api/auth/me as 401s there are expected during token refresh)
+ if ((error.statusCode === 401 || error.statusCode === 403) && request.url !== '/api/auth/me') {
 await AuditService.log({
 action: AuditAction.unauthorizedAccess,
 category: AuditCategory.security,
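Review bot: The new condition on the `if` skips the audit entry for both 401 and 403 on `/api/auth/me`, but the comment only justifies the expected 401s during token refresh, so a 403 on that route would now go unrecorded. The match is also an exact comparison on `request.url`, which in Fastify carries the query string, so `/api/auth/me?x=1` is still audited while the bare path is not. I would narrow it to `const expectedRefresh401 = error.statusCode === 401 && request.url.split('?')[0] === '/api/auth/me';` and test `&& !expectedRefresh401` in the `if`. Repeated 401s on this endpoint can also indicate invalid-token probing, so a lower-severity or rate-limited record may be preferable to dropping them entirely. The enclosing error handler starts and ends outside the hunk.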