diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js
index 984136a8d..2446457e9 100644
--- a/lib/handlers/authorize-handler.js
+++ b/lib/handlers/authorize-handler.js
@@ -78,10 +78,6 @@ AuthorizeHandler.prototype.handle = function(request, response) {
     throw new InvalidArgumentError('Invalid argument: `response` must be an instance of Response');
   }
 
-  if ('false' === request.query.allowed) {
-    return Promise.reject(new AccessDeniedError('Access denied: user denied access to application'));
-  }
-
   var fns = [
     this.getAuthorizationCodeLifetime(),
     this.getClient(request),
@@ -97,6 +93,16 @@ AuthorizeHandler.prototype.handle = function(request, response) {
       var ResponseType;
 
       return Promise.bind(this)
+	.then(function() {
+          state = this.getState(request);
+        })
+        .then(function() {
+	  if ('false' === request.query.allowed) {
+	    throw new AccessDeniedError(
+	      'Access denied: user denied access to application'
+	    );
+	  }
+	})
 	.then(function() {
           scope = this.getScope(request);