diff --git a/server/api/shares.js b/server/api/shares.js
index 751932cb..dda9039b 100644
--- a/server/api/shares.js
+++ b/server/api/shares.js
@@ -29,7 +29,7 @@ router.post("shares.info", auth(), async (ctx) => {
 revokedAt: { [Op.eq]: null },
 },
 });
- if (!share) {
+ if (!share || !share.document) {
 throw new NotFoundError();
 }
 
diff --git a/server/api/shares.test.js b/server/api/shares.test.js
index b5ec4559..b9b768d8 100644
--- a/server/api/shares.test.js
+++ b/server/api/shares.test.js
@@ -288,11 +288,11 @@ describe("#shares.info", () => {
 });
 
 it("should not find revoked share", async () => {
- const { user, admin, document } = await seed();
+ const { user, document } = await seed();
 const share = await buildShare({
 documentId: document.id,
- teamId: admin.teamId,
- userId: admin.id,
+ teamId: user.teamId,
+ userId: user.id,
 });
 await share.revoke();
 const res = await server.post("/api/shares.info", {
@@ -301,6 +301,20 @@ describe("#shares.info", () => {
 expect(res.status).toEqual(404);
 });
 
+ it("should not find share for deleted document", async () => {
+ const { user, document } = await seed();
+ await buildShare({
+ documentId: document.id,
+ teamId: user.teamId,
+ userId: user.id,
+ });
+ await document.delete(user.id);
+ const res = await server.post("/api/shares.info", {
+ body: { token: user.getJwtToken(), documentId: document.id },
+ });
+ expect(res.status).toEqual(404);
+ });
+
 it("should require authentication", async () => {
 const { user, document } = await seed();
 const share = await buildShare({
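Review bot: The new `!share.document` guard in `shares.info` depends on how the share lookup above the hunk loads the linked document, and nothing at the condition says so. It only hides shares of deleted documents if that association is loaded with the model's soft-delete scope applied; if the include were later dropped or changed to return deleted rows, the check would either 404 every share or silently stop filtering. I would add a comment above the condition, for example `// share.document is null when the linked document has been deleted; answer 404 so the share is not disclosed`. The handler starts and ends outside the hunk, so the include and any later authorization call are not visible here; other code paths that resolve a share to its document presumably need the same guard, which is worth confirming.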
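Review bot: The added test "should not find share for deleted document" has no positive control: it asserts only the 404 after `document.delete(user.id)`, so it would also pass if the lookup failed for an unrelated reason such as an owner mismatch, which appears to be what the `admin` to `user` change in the revoked-share test corrects. Calling `shares.info` once before the delete and checking `expect(before.status).toEqual(200);` would tie the 404 to the deletion itself. The test also discards the `buildShare` result, so it cannot confirm which share the endpoint declined to return.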