diff --git a/packages/twenty-server/src/engine/core-modules/auth/filters/auth-file-api-exception.filter.ts b/packages/twenty-server/src/engine/core-modules/auth/filters/auth-file-api-exception.filter.ts
new file mode 100644
index 000000000000..038c040cff12
--- /dev/null
+++ b/packages/twenty-server/src/engine/core-modules/auth/filters/auth-file-api-exception.filter.ts
@@ -0,0 +1,38 @@
+import { ArgumentsHost, Catch, ExceptionFilter } from '@nestjs/common';
+
+import { Response } from 'express';
+
+import {
+ AuthException,
+ AuthExceptionCode,
+} from 'src/engine/core-modules/auth/auth.exception';
+import { HttpExceptionHandlerService } from 'src/engine/core-modules/exception-handler/http-exception-handler.service';
+
+@Catch(AuthException)
+export class AuthFileApiExceptionFilter implements ExceptionFilter {
+ constructor(
+ private readonly httpExceptionHandlerService: HttpExceptionHandlerService,
+ ) {}
+
+ catch(exception: AuthException, host: ArgumentsHost) {
+ const ctx = host.switchToHttp();
+ const response = ctx.getResponse();
+
+ switch (exception.code) {
+ case AuthExceptionCode.UNAUTHENTICATED:
+ case AuthExceptionCode.INVALID_INPUT:
+ return this.httpExceptionHandlerService.handleError(
+ exception,
+ response,
+ 403,
+ );
+ case AuthExceptionCode.INTERNAL_SERVER_ERROR:
+ default:
+ return this.httpExceptionHandlerService.handleError(
+ exception,
+ response,
+ 500,
+ );
+ }
+ }
+}
diff --git a/packages/twenty-server/src/engine/core-modules/file/controllers/file.controller.ts b/packages/twenty-server/src/engine/core-modules/file/controllers/file.controller.ts
index cd95d43c79aa..9a2845c9c905 100644
--- a/packages/twenty-server/src/engine/core-modules/file/controllers/file.controller.ts
+++ b/packages/twenty-server/src/engine/core-modules/file/controllers/file.controller.ts
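Review bot: In `catch` of the new `auth-file-api-exception.filter.ts`, the `default:` arm returns 500 for every `AuthExceptionCode` other than the two listed, so an auth rejection raised under any other code on the file route is reported as a server fault; that inflates 5xx alerting and keeps denied requests out of 4xx-based monitoring. Unless every remaining code really is a server fault, list the client-side codes explicitly and keep 500 for `INTERNAL_SERVER_ERROR` alone. `UNAUTHENTICATED` is also answered with 403 where 401 is the conventional status for a missing or invalid token; if 403 is deliberate for the file API, record it with a comment such as `// file API answers 403 for any rejected token (deliberate, not 401)`. Whether `handleError` echoes `exception.message` to the client is not visible in this diff and is worth confirming, since token-validation messages can tell a caller why a token was rejected.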
@@ -1,4 +1,12 @@ -import { Controller, Get, Param, Req, Res, UseGuards } from '@nestjs/common'; +import { + Controller, + Get, + Param, + Req, + Res, + UseFilters, + UseGuards, +} from '@nestjs/common'; import { Response } from 'express'; @@ -7,6 +15,7 @@ import { FileStorageExceptionCode, } from 'src/engine/core-modules/file-storage/interfaces/file-storage-exception'; +import { AuthFileApiExceptionFilter } from 'src/engine/core-modules/auth/filters/auth-file-api-exception.filter'; import { checkFilePath, checkFilename, @@ -16,6 +25,7 @@ import { FileService } from 'src/engine/core-modules/file/services/file.service' // TODO: Add cookie authentication @Controller('files') +@UseFilters(AuthFileApiExceptionFilter) @UseGuards(FilePathGuard) export class FileController { constructor(private readonly fileService: FileService) {} @@ -27,7 +37,6 @@ export class FileController { @Req() req: Request, ) { const folderPath = checkFilePath(params[0]); - const filename = checkFilename(params['filename']); const workspaceId = (req as any)?.workspaceId;
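Review bot: In the `@@ -16,6 +25,7 @@` hunk, `@UseFilters(AuthFileApiExceptionFilter)` passes the class rather than an instance, so Nest has to resolve the filter's `HttpExceptionHandlerService` dependency from the module that declares `FileController`; no module change is visible in this diff, so confirm that provider is available there, otherwise dependency resolution fails when the application starts. The filter is bound with `@Catch(AuthException)`, so it only reshapes rejections that `FilePathGuard` raises as `AuthException`; whether the guard throws that type or simply returns `false` is not visible here. A one-line comment above the decorator, e.g. `// maps AuthException thrown by FilePathGuard to an HTTP status for file requests`, would record that link next to the existing cookie-authentication TODO.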