diff --git a/server/src/index.ts b/server/src/index.ts
index 68e2b63..9e238ea 100644
--- a/server/src/index.ts
+++ b/server/src/index.ts
@@ -4,7 +4,6 @@ import cors from 'cors';
 import { toNodeHandler } from 'better-auth/node';
 import { auth } from './auth/auth';
 import { authRateLimiter, apiRateLimiter } from './auth/rateLimiter';
-import { requireAuth } from './auth/middleware';
 import chemicalsRouter from './routes/chemicals';
 import protocolsRouter from './routes/protocols';
 import profileRouter from './routes/profile';
@@ -59,7 +58,7 @@ app.get('/api/ios-google', async (req, res) => {
 // redirects to this endpoint (passed as callbackURL from the native app).
 // We read the raw session token out of the cookie and forward it in the
 // custom URL scheme so the iOS app can inject it into URLSession's cookie jar.
-app.get('/api/ios-callback', requireAuth, (req, res) => {
+app.get('/api/ios-callback', (req, res) => {
   const cookieHeader = req.headers.cookie ?? '';
   const token = cookieHeader
     .split(';')