diff --git a/src/core/plugins/auth/reducers.js b/src/core/plugins/auth/reducers.js
index 6e4d0702..756f1d14 100644
--- a/src/core/plugins/auth/reducers.js
+++ b/src/core/plugins/auth/reducers.js
@@ -1,5 +1,5 @@
 import { fromJS, Map } from "immutable"
-import { btoa } from "core/utils"
+import { btoa, isFunc } from "core/utils"
 
 import {
   SHOW_AUTH_POPUP,
@@ -20,6 +20,9 @@ export default {
 
     // refactor withMutations
     securities.entrySeq().forEach( ([ key, security ]) => {
+      if (!isFunc(security.getIn)) {
+        return state.set("authorized", map)
+      }
       let type = security.getIn(["schema", "type"])
 
       if ( type === "apiKey" || type === "http" ) {
diff --git a/test/e2e-cypress/tests/bugs/4641.js b/test/e2e-cypress/tests/bugs/4641.js
index bf436ec4..f7bcb576 100644
--- a/test/e2e-cypress/tests/bugs/4641.js
+++ b/test/e2e-cypress/tests/bugs/4641.js
@@ -1,10 +1,8 @@
 const clickTryItOutAndExecute = () => {
   return cy
-    .get(".opblock-summary")
+    .get(".btn.try-out__btn") // expand "try it out"
     .click()
-    .get(".try-out > .btn") // expand "try it out"
-    .click()
-    .get(".execute-wrapper > .btn") // excecute request
+    .get(".btn.execute") // execute request
     .click()
 }
 
@@ -44,7 +42,8 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", ()
       .within(fillInApiKeyAndAuthorise("my_api_key"))
       .get(".close-modal") // close authorise popup button
       .click()
-      .get("#operations-default-get_4641_1") // expand the route details
+      .get("#operations-default-get_4641_1") // expand the route details onClick
+      .click()
       .within(clickTryItOutAndExecute)
       .get("@request")
       .its("request")
@@ -64,7 +63,8 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", ()
       .within(clickLogoutAndReauthorise)
       .get(".close-modal") // close authorise popup button
       .click()
-      .get("#operations-default-get_4641_1") // expand the route details
+      .get("#operations-default-get_4641_1") // expand the route details onClick
+      .click()
       .within(clickTryItOutAndExecute)
       .get("@request")
       .its("request")
@@ -86,7 +86,8 @@ describe("#4641: The Logout button in Authorize popup not clearing API Key", ()
       .within(clickLogoutAndReauthorise)
       .get(".close-modal") // close authorise popup button
       .click()
-      .get("#operations-default-get_4641_2") // expand the route details
+      .get("#operations-default-get_4641_2") // expand the route details onClick
+      .click()
       .within(clickTryItOutAndExecute)
       .get("@request")
       .its("request")