diff --git a/backend/endpoints/user.py b/backend/endpoints/user.py
index 5d5808bcc..6488fa92e 100644
--- a/backend/endpoints/user.py
+++ b/backend/endpoints/user.py
@@ -184,9 +184,7 @@ def create_user_from_invite(
 detail=msg,
 )
- jti, role = auth_handler.verify_invite_link_token(token)
- auth_handler.invalidate_invite_link_token(jti)
-
+ role = auth_handler.consume_invite_link_token(token)
 user = User(
 username=username.lower(),
 hashed_password=auth_handler.get_password_hash(password),
diff --git a/backend/handler/auth/base_handler.py b/backend/handler/auth/base_handler.py
index 3bba2456b..90fa5bc97 100644
--- a/backend/handler/auth/base_handler.py
+++ b/backend/handler/auth/base_handler.py
@@ -203,7 +203,7 @@ class AuthHandler:
 )
 return token
- def verify_invite_link_token(self, token: str) -> tuple[str, str]:
+ def consume_invite_link_token(self, token: str) -> str:
 """
 Verify the invite link token.
 Args:
@@ -231,16 +231,12 @@ class AuthHandler:
 status_code=status.HTTP_400_BAD_REQUEST,
 detail="Invite token has already been used or is invalid.",
 )
- return jti, role
- def invalidate_invite_link_token(self, jti: str) -> None:
- """
- Invalidate the invite link token.
- Args:
- jti (str): The JTI (JWT ID) of the token to invalidate.
- """
+ # Invalidate the token as soon as it's read
 redis_client.delete(f"invite-jti:{jti}")
+ return role
+
 class OAuthHandler:
 def __init__(self) -> None:
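Review bot: The docstring under the renamed `consume_invite_link_token` still opens with "Verify the invite link token.", which no longer describes a method that also deletes the `invite-jti:` key as a side effect. I would change the summary to `Verify the invite link token and invalidate it so it cannot be reused.` and state that a second call with the same token raises. The rest of the docstring is outside the hunk; if it has a Returns entry describing the old `(jti, role)` tuple, that presumably needs updating to the role string alone.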
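Review bot: The result of `redis_client.delete(f"invite-jti:{jti}")` is discarded, so the single-use guarantee still rests on the earlier check that raises "Invite token has already been used or is invalid.", and that check and the delete remain two separate Redis operations. The check itself sits above the hunk, so this is inferred, but if it is a read of the same key, two concurrent requests presenting one invite token can both pass it before either delete runs, and each goes on to create an account. Gating on the delete makes consumption atomic, since it returns the number of keys removed: `if redis_client.delete(f"invite-jti:{jti}") != 1:` followed by the same 400 response. The comment could then read `# Deleting the key is the single-use check: only one caller sees a count of 1.`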