diff --git a/app/Http/Middleware/RedirectIfNotInitializedMiddleware.php b/app/Http/Middleware/RedirectIfNotInitializedMiddleware.php
index 34296747..0aaea334 100644
--- a/app/Http/Middleware/RedirectIfNotInitializedMiddleware.php
+++ b/app/Http/Middleware/RedirectIfNotInitializedMiddleware.php
@@ -11,7 +11,7 @@ class RedirectIfNotInitializedMiddleware
     /**
      * @var array<int, string>
      */
-    public array $dontRedirect = ['initialize.form', 'initialize.store'];
+    public array $dontRedirect = ['initialize.form', 'initialize.store', 'nami-login-check'];
 
     /**
      * Handle an incoming request.
diff --git a/app/Initialize/Actions/NamiLoginCheckAction.php b/app/Initialize/Actions/NamiLoginCheckAction.php
new file mode 100644
index 00000000..38fe0429
--- /dev/null
+++ b/app/Initialize/Actions/NamiLoginCheckAction.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Initialize\Actions;
+
+use Illuminate\Http\Response;
+use Lorisleiva\Actions\ActionRequest;
+use Lorisleiva\Actions\Concerns\AsAction;
+use Zoomyboy\LaravelNami\Nami;
+
+class NamiLoginCheckAction
+{
+    use AsAction;
+
+    /**
+     * @param array{mglnr: string, password: string} $input
+     */
+    public function handle(array $input): void
+    {
+        Nami::freshLogin((int) $input['mglnr'], $input['password']);
+    }
+
+    /**
+     * @return array<string, string>
+     */
+    public function rules(): array
+    {
+        return [
+            'mglnr' => 'required|numeric|min:0',
+            'password' => 'required|string',
+        ];
+    }
+
+    public function asController(ActionRequest $request): Response
+    {
+        $this->handle($request->validated());
+
+        return response()->noContent();
+    }
+}
diff --git a/routes/web.php b/routes/web.php
index b788cd8d..537809b8 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -17,6 +17,7 @@ use App\Dashboard\Actions\IndexAction as DashboardIndexAction;
 use App\Efz\ShowEfzDocumentAction;
 use App\Initialize\Actions\InitializeAction;
 use App\Initialize\Actions\InitializeFormAction;
+use App\Initialize\Actions\NamiLoginCheckAction;
 use App\Member\Actions\ExportAction;
 use App\Member\Actions\MemberResyncAction;
 use App\Member\Actions\MemberShowAction;
@@ -38,6 +39,7 @@ Route::group(['namespace' => 'App\\Http\\Controllers'], function (): void {
 
 Route::group(['middleware' => 'auth:web'], function (): void {
     Route::get('/', DashboardIndexAction::class)->name('home');
+    Route::post('/nami-login-check', NamiLoginCheckAction::class)->name('nami-login-check');
     Route::post('/api/member/search', SearchAction::class)->name('member.search');
     Route::get('/initialize', InitializeFormAction::class)->name('initialize.form');
     Route::post('/initialize', InitializeAction::class)->name('initialize.store');
diff --git a/tests/Feature/Initializer/ValidateLoginTest.php b/tests/Feature/Initializer/ValidateLoginTest.php
new file mode 100644
index 00000000..862dd31b
--- /dev/null
+++ b/tests/Feature/Initializer/ValidateLoginTest.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests\Feature\Initializer;
+
+use Illuminate\Foundation\Testing\DatabaseTransactions;
+use Tests\TestCase;
+use Zoomyboy\LaravelNami\Authentication\Auth;
+
+class ValidateLoginTest extends TestCase
+{
+    use DatabaseTransactions;
+
+    public function setUp(): void
+    {
+        parent::setUp();
+
+        $this->login();
+    }
+
+    public function testItValidatesLogin(): void
+    {
+        Auth::success(333, 'secret');
+
+        $this->postJson('/nami-login-check', [
+            'mglnr' => 333,
+            'password' => 'secret',
+        ])->assertStatus(204);
+    }
+
+    public function testItNeedsPasswordAndMglnr(): void
+    {
+        $this->postJson('/nami-login-check', [
+            'mglnr' => '',
+            'password' => '',
+        ])->assertJsonValidationErrors(['mglnr', 'password']);
+    }
+
+    public function testMglnrShouldBeNumeric(): void
+    {
+        $this->postJson('/nami-login-check', [
+            'mglnr' => 'aaa',
+            'password' => 'secret',
+        ])->assertJsonValidationErrors(['mglnr']);
+    }
+
+    public function testLoginCanFail(): void
+    {
+        $this->postJson('/nami-login-check', [
+            'mglnr' => '111',
+            'password' => 'secret',
+        ])->assertJsonValidationErrors(['nami' => 'NaMi Login fehlgeschlagen.']);
+    }
+}