diff --git a/api/get_users.php b/api/get_users.php
index b651ec2..bc2fe1a 100644
--- a/api/get_users.php
+++ b/api/get_users.php
@@ -13,8 +13,7 @@ RateLimitMiddleware::apply('api');
 try {
     require_once dirname(__DIR__) . '/config/config.php';
 
-    // Check authentication
-    session_start();
+    // Check authentication (session already started by RateLimitMiddleware)
     if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
         http_response_code(401);
         echo json_encode(['success' => false, 'error' => 'Authentication required']);