diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
index 42b382a672..51e92a139b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
@@ -94,8 +94,9 @@ public class BSTAuthenticator implements WebappAuthenticator {
     @Override
     public boolean canHandle(Request request) {
         String contentType = request.getContentType();
-        if (contentType.contains("application/xml") || contentType.contains("application/soap+xml") ||
-                contentType.contains("application/text")) {
+        if (contentType != null && (contentType.contains("application/xml") || contentType.contains
+                ("application/soap+xml") ||
+                contentType.contains("application/text"))) {
             try {
                 return isBSTHeaderExists(request);
             } catch (IOException | XMLStreamException e) {