diff --git a/package-lock.json b/package-lock.json
index ef24b44..80245be 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -12,6 +12,7 @@
         "@nestjs/common": "^10.0.0",
         "@nestjs/core": "^10.0.0",
         "@nestjs/platform-express": "^10.0.0",
+        "class-transformer": "^0.5.1",
         "class-validator": "^0.14.1",
         "reflect-metadata": "^0.1.13",
         "rxjs": "^7.8.1"
@@ -3367,6 +3368,11 @@
       "integrity": "sha512-0TNiGstbQmCFwt4akjjBg5pLRTSyj/PkWQ1ZoO2zntmg9yLqSRxwEa4iCfQLGjqhiqBfOJa7W/E8wfGrTDmlZQ==",
       "dev": true
     },
+    "node_modules/class-transformer": {
+      "version": "0.5.1",
+      "resolved": "https://registry.npmjs.org/class-transformer/-/class-transformer-0.5.1.tgz",
+      "integrity": "sha512-SQa1Ws6hUbfC98vKGxZH3KFY0Y1lm5Zm0SY8XX9zbK7FJCyVEac3ATW0RIpwzW+oOfmHE5PMPufDG9hCfoEOMw=="
+    },
     "node_modules/class-validator": {
       "version": "0.14.1",
       "resolved": "https://registry.npmjs.org/class-validator/-/class-validator-0.14.1.tgz",
diff --git a/package.json b/package.json
index c21f700..aa4f71d 100644
--- a/package.json
+++ b/package.json
@@ -23,6 +23,7 @@
     "@nestjs/common": "^10.0.0",
     "@nestjs/core": "^10.0.0",
     "@nestjs/platform-express": "^10.0.0",
+    "class-transformer": "^0.5.1",
     "class-validator": "^0.14.1",
     "reflect-metadata": "^0.1.13",
     "rxjs": "^7.8.1"
diff --git a/src/app.controller.ts b/src/app.controller.ts
index 5204675..dac7303 100644
--- a/src/app.controller.ts
+++ b/src/app.controller.ts
@@ -1,4 +1,4 @@
-import { Controller, Get, Put, Query, Body, NotFoundException, InternalServerErrorException } from '@nestjs/common';
+import { Controller, Get, Put, Query, Body, NotFoundException, InternalServerErrorException, UsePipes, ValidationPipe } from '@nestjs/common';
 import { AppService } from './app.service';
 import { InvitationDTO } from './dto/invitation.dto';
 
@@ -16,6 +16,7 @@ export class AppController {
   }
 
   @Put('invite')
+  @UsePipes(new ValidationPipe())
   storeInvitation(@Query('CID') cid: string, @Body() invitationDTO: InvitationDTO) {
     const filename = `${cid}.json`;
     const result = this.appService.storeInvitationFile(filename, invitationDTO);
diff --git a/test/app.e2e-spec.ts b/test/app.e2e-spec.ts
index 9dde398..a8762c7 100644
--- a/test/app.e2e-spec.ts
+++ b/test/app.e2e-spec.ts
@@ -37,6 +37,13 @@ describe('AppController (e2e)', () => {
     await app.init();
   });
 
+  it('/invite (PUT) validates payload schema', () => {
+    return request(app.getHttpServer())
+      .put(`/invite/?CID=${cid}`)
+      .send({})
+      .expect(400)
+  });
+
   it('/invite (PUT) 200', () => {
     return request(app.getHttpServer())
     .put(`/invite/?CID=${cid}`)
@@ -54,7 +61,7 @@ describe('AppController (e2e)', () => {
   it('/invite (PUT) doesn\'t override file', () => {
     return request(app.getHttpServer())
       .put(`/invite/?CID=${cid}`)
-      .send({})
+      .send(invitationData)
       .expect(500)
       .expect({"message":"File already exists","error":"Internal Server Error","statusCode":500});
   });