diff --git a/src/auth/controllers/auth.controller.ts b/src/auth/controllers/auth.controller.ts
index 3a0432d..7af56f0 100644
--- a/src/auth/controllers/auth.controller.ts
+++ b/src/auth/controllers/auth.controller.ts
@@ -4,7 +4,6 @@ import {
   Controller,
   Delete,
   Get,
-  Headers,
   Post,
   Query,
   Res,
@@ -22,6 +21,7 @@ import { ApiNaverLogout } from '../swagger-decorators/naver-logout.decorator';
 import { ApiNaverUnlink } from '../swagger-decorators/naver-unlink.decorator';
 import { ApiDeleteAccount } from '../swagger-decorators/delete-account.decorator';
 import { JwtAccessTokenGuard } from 'src/config/guards/jwt-access-token.guard';
+import { JwtRefreshTokenGuard } from 'src/config/guards/jwt-refresh-token.guard';
 import { GetUserId } from 'src/common/decorators/get-userId.decorator';
 
 @Controller('auth')
@@ -78,12 +78,12 @@ export class AuthController {
   }
 
   @ApiNewAccessToken()
+  @UseGuards(JwtRefreshTokenGuard)
   @Get('new-access-token')
   async newAccessToken(
-    @Headers('refresh_token') refreshToken: string,
+    @GetUserId() userId: number,
     @Res() res,
   ) {
-    const userId = await this.tokenService.decodeToken(refreshToken);
     const newAccessToken = await this.tokenService.createAccessToken(userId);
     return res.json({ accessToken: newAccessToken });
   }
diff --git a/src/config/guards/jwt-refresh-token.guard.ts b/src/config/guards/jwt-refresh-token.guard.ts
new file mode 100644
index 0000000..111d7e0
--- /dev/null
+++ b/src/config/guards/jwt-refresh-token.guard.ts
@@ -0,0 +1,23 @@
+import { ExecutionContext, Injectable } from "@nestjs/common";
+import { TokenService } from "src/auth/services/token.service";
+
+@Injectable()
+export class JwtRefreshTokenGuard {
+  constructor(
+    private tokenService: TokenService,
+  ) {}
+
+  async canActivate(context: ExecutionContext) {
+    const request = context.switchToHttp().getRequest();
+    const refreshToken = request.headers['refresh_token'];
+
+    if (!refreshToken) {
+      return false;
+    }
+
+    const userId = await this.tokenService.decodeToken(refreshToken);
+    request.user = { userId };
+
+    return true;
+  }
+}
\ No newline at end of file