diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7645d1341cd541fecfbb4ba0c69de6bca9eba362..ddfca4301a6dc1cbd0bbdd91e796085d953ce887 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,8 @@
 All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
+[Fixed]
+- Added verification for empty response from LDAP in IsCesnetEligible::getAllowedAffiliations which is valid state
 
 ## [v1.4.1]
 [Fixed]
diff --git a/lib/Auth/Process/IsCesnetEligible.php b/lib/Auth/Process/IsCesnetEligible.php
index 1175154ac022b07751fe568500bcf5d64f168123..b0f61737af47a1b016dea8c7929e6d8142a8a25a 100644
--- a/lib/Auth/Process/IsCesnetEligible.php
+++ b/lib/Auth/Process/IsCesnetEligible.php
@@ -139,12 +139,18 @@ class sspmod_cesnet_Auth_Process_IsCesnetEligible extends SimpleSAML_Auth_Proces
 		try {
 			$affiliations = $this->cesnetLdapConnector->searchForEntity(self::ORGANIZATION_LDAP_BASE,'(entityIDofIdP=' . $idpEntityId . ')', array(
 				'cesnetcustomeraffiliation'))['cesnetcustomeraffiliation'];
-			foreach ($affiliations as $affiliation) {
-				array_push($allowedAffiliations, $affiliation);
+
+			if (empty($affiliations)) {
+				SimpleSAML\Logger::debug("cesnet:IsCesnetEligible - Received empty response from LDAP, entityId " . $idpEntityId . " was probably not found.");
+			} else {
+				foreach ($affiliations as $affiliation) {
+					array_push($allowedAffiliations, $affiliation);
+				}
 			}
 		} catch (Exception $ex) {
 			SimpleSAML\Logger::warning("cesnet:IsCesnetEligible - Unable to connect to LDAP!");
 		}
+
 		return $allowedAffiliations;
 	}
 }