diff --git a/iiif-server/src/index.js b/iiif-server/src/index.js
index 1801beb..9190ef3 100644
--- a/iiif-server/src/index.js
+++ b/iiif-server/src/index.js
@@ -90,6 +90,7 @@ async function viewerRequestIiif(request, { config }) {
   const cookie = getEventHeader(request, "cookie");
   const authSignature = getAuthSignature(request);
 
+  let jwtAuth = false;
   if (authSignature) {
     let jwtClaims;
     try {
@@ -105,7 +106,10 @@ async function viewerRequestIiif(request, { config }) {
 
     const jwtResult = await validateJwtClaims(jwtClaims, params, config);
 
-    if (!jwtResult.valid) {
+    if (jwtResult.valid) {
+      console.log("JWT claims verified");
+      jwtAuth = true;
+    } else {
       console.log(`Could not verify JWT claims: ${jwtResult.reason}`);
       return {
         status: "403",
@@ -115,7 +119,7 @@ async function viewerRequestIiif(request, { config }) {
     }
   }
 
-  const authed = await authorize(
+  const authed = jwtAuth || await authorize(
     params,
     referer,
     cookie,
diff --git a/iiif-server/template.yaml b/iiif-server/template.yaml
index 17febb5..dacbcab 100644
--- a/iiif-server/template.yaml
+++ b/iiif-server/template.yaml
@@ -59,7 +59,7 @@ Resources:
       Handler: index.handler
       Architectures:
         - x86_64
-      Timeout: 3
+      Timeout: 5
       MemorySize: 128
       AutoPublishAlias: "Latest"
       AssumeRolePolicyDocument: