diff --git a/packages/core/src/libraries/cloud-connection.ts b/packages/core/src/libraries/cloud-connection.ts
index c4a8dbd85..e97e87d3d 100644
--- a/packages/core/src/libraries/cloud-connection.ts
+++ b/packages/core/src/libraries/cloud-connection.ts
@@ -34,20 +34,11 @@ const accessTokenExpirationMargin = 60;
 
 /** The library for connecting to Logto Cloud service. */
 export class CloudConnectionLibrary {
- private _isAuthenticated = false;
 private client?: Client;
 private accessTokenCache?: { expiresAt: number; accessToken: string };
 
 constructor(private readonly logtoConfigs: LogtoConfigLibrary) {}
 
- get isAuthenticated() {
- return this._isAuthenticated;
- }
-
- private set isAuthenticated(value: boolean) {
- this._isAuthenticated = value;
- }
-
 public getCloudConnectionData = async (): Promise => {
 const { getCloudConnectionData: getCloudServiceM2mCredentials } = this.logtoConfigs;
 const credentials = await getCloudServiceM2mCredentials();
@@ -76,8 +67,6 @@ export class CloudConnectionLibrary {
 if (expiresAt > Date.now() / 1000 + accessTokenExpirationMargin) {
 return accessToken;
 }
- // Set the cloud connection to not authenticated if the access token is expired.
- this.isAuthenticated = false;
 }
 
 const { tokenEndpoint, appId, appSecret, resource } = await this.getCloudConnectionData();
@@ -105,8 +94,6 @@ export class CloudConnectionLibrary {
 expiresAt: Date.now() / 1000 + result.data.expires_in,
 accessToken: result.data.access_token,
 };
- // Set the cloud connection to `authenticated` if the access token is valid.
- this.isAuthenticated = true;
 
 return result.data.access_token;
 };
diff --git a/packages/core/src/oidc/init.ts b/packages/core/src/oidc/init.ts
index 2a0aa5de8..ca0b950c5 100644
--- a/packages/core/src/oidc/init.ts
+++ b/packages/core/src/oidc/init.ts
@@ -215,19 +215,18 @@ export default function initOidc(
 return;
 }
 
- /**
- * The execution on this function relies on the existence of authenticated cloud connection client.
- *
- * The process that cloud connection get access token also includes this function (`extraTokenClaims`
- * is a function that will always be executed during the process of generating an access token), it
- * could trigger infinite loop if we do not terminal the process early.
- */
- if (!cloudConnection.isAuthenticated) {
- return;
- }
-
 const isTokenClientCredentials = token instanceof ctx.oidc.provider.ClientCredentials;
 
+ /**
+ * Cloud connection should not go through this custom JWT logic.
+ */
+ if (isTokenClientCredentials) {
+ const { appId } = await cloudConnection.getCloudConnectionData();
+ if (token.clientId === appId) {
+ return;
+ }
+ }
+
 const {
 value: { script, envVars },
 } = (await trySafe(
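Review bot: The new guard awaits `cloudConnection.getCloudConnectionData()` for every client-credentials grant, not just the cloud connection's own client, so if that lookup rejects (the cloud-connection.ts hunk shows it reading M2M credentials from `logtoConfigs`, but not what happens when they are absent or malformed) the failure now surfaces inside `extraTokenClaims` for unrelated M2M applications' token issuance. Since `trySafe` is already in scope two lines below, a tolerant form would resolve the id once and treat an unavailable value as "not the cloud connection", something like `const cloudAppId = (await trySafe(cloudConnection.getCloudConnectionData()))?.appId;` followed by `if (isTokenClientCredentials && token.clientId === cloudAppId) { return; }`. Whether this lookup is cached is not visible here; if it is not, it is a configuration round-trip on the hot path of every client-credentials token, which is worth noting in the comment or caching per process. The comment `Cloud connection should not go through this custom JWT logic.` would also be clearer if it kept the old rationale, e.g. `this callback runs while the cloud connection obtains its own token, so skipping it here avoids recursion`. The enclosing `extraTokenClaims` callback and `initOidc` begin before and continue after this hunk.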