diff --git a/htdocs/webservices/server_order.php b/htdocs/webservices/server_order.php
index 5cc964dde4e..7f2f2ebd43f 100644
--- a/htdocs/webservices/server_order.php
+++ b/htdocs/webservices/server_order.php
@@ -387,10 +387,10 @@ function getOrder($authentication, $id = '', $ref = '', $ref_ext = '')
 			if ($result > 0)
 			{
 				// Security for external user
-				if ($socid && ($socid != $order->socid))
+				if ($socid && (empty($order->socid) || $socid != $order->socid))
 				{
 					$error++;
-					$errorcode = 'PERMISSION_DENIED'; $errorlabel = $order->socid.'User does not have permission for this request';
+					$errorcode = 'PERMISSION_DENIED'; $errorlabel = 'User does not have permission for this request';
 				}
 
 				if (!$error)