diff --git a/pkg/openapi/run.go b/pkg/openapi/run.go
index 17199851..2efc2309 100644
--- a/pkg/openapi/run.go
+++ b/pkg/openapi/run.go
@@ -177,6 +177,7 @@ func HandleAuths(req *http.Request, envMap map[string]string, infoSets [][]Secur
 
 		// We're using this info set, because no environment variables were missing.
 		// Set up the request as needed.
+		v := url.Values{}
 		for _, info := range infoSet {
 			envNames := maps.Values(info.getCredentialNamesAndEnvVars(req.URL.Hostname()))
 			switch info.Type {
@@ -185,9 +186,7 @@ func HandleAuths(req *http.Request, envMap map[string]string, infoSets [][]Secur
 				case "header":
 					req.Header.Set(info.APIKeyName, envMap[envNames[0]])
 				case "query":
-					v := url.Values{}
 					v.Add(info.APIKeyName, envMap[envNames[0]])
-					req.URL.RawQuery = v.Encode()
 				case "cookie":
 					req.AddCookie(&http.Cookie{
 						Name:  info.APIKeyName,
@@ -203,6 +202,9 @@ func HandleAuths(req *http.Request, envMap map[string]string, infoSets [][]Secur
 				}
 			}
 		}
+		if len(v) > 0 {
+			req.URL.RawQuery = v.Encode()
+		}
 		return nil
 	}