diff --git a/package-lock.json b/package-lock.json
index dfefcc521..26b9179aa 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,7 +13,6 @@
         "async": "^3.2.5",
         "aws-sdk": "^2.1637.0",
         "basic-auth": "^2.0.1",
-        "body-parser": "^1.20.2",
         "cloudron-manifestformat": "^5.24.0",
         "connect": "^3.7.0",
         "connect-lastmile": "^2.2.0",
diff --git a/package.json b/package.json
index e78e942b7..f59f3cb30 100644
--- a/package.json
+++ b/package.json
@@ -21,7 +21,6 @@
     "async": "^3.2.5",
     "aws-sdk": "^2.1637.0",
     "basic-auth": "^2.0.1",
-    "body-parser": "^1.20.2",
     "cloudron-manifestformat": "^5.24.0",
     "connect": "^3.7.0",
     "connect-lastmile": "^2.2.0",
diff --git a/src/middleware/index.js b/src/middleware/index.js
index 72b0dd6ce..7b2117e03 100644
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@@ -6,6 +6,5 @@ exports = module.exports = {
     proxy: require('./proxy-middleware.js'),
     lastMile: require('connect-lastmile'),
     multipart: require('./multipart.js'),
-    timeout: require('connect-timeout'),
-    urlencoded: require('body-parser').urlencoded
+    timeout: require('connect-timeout')
 };
diff --git a/src/routes/appstore.js b/src/routes/appstore.js
index 4a398b925..ad2059556 100644
--- a/src/routes/appstore.js
+++ b/src/routes/appstore.js
@@ -71,8 +71,6 @@ async function registerCloudronWithLogin(req, res, next) {
 }
 
 async function getSubscription(req, res, next) {
-    assert.strictEqual(typeof req.body, 'object');
-
     const [error, result] = await safe(appstore.getSubscription());
     if (error) return next(BoxError.toHttpError(error));
 
diff --git a/src/server.js b/src/server.js
index b85e1830c..a85093188 100644
--- a/src/server.js
+++ b/src/server.js
@@ -36,13 +36,12 @@ async function initializeExpressSync() {
 
     const wsServer = new ws.Server({ noServer: true }); // in noServer mode, we have to handle 'upgrade' and call handleUpgrade
 
-    const QUERY_LIMIT = '2mb', // max size for json and urlencoded queries (see also client_max_body_size in nginx)
+    const QUERY_LIMIT = '2mb', // max size for json queries (see also client_max_body_size in nginx)
         FIELD_LIMIT = 2 * 1024 * 1024; // max fields that can appear in multipart
 
     const REQUEST_TIMEOUT = 60000; // timeout for all requests (see also setTimeout on the httpServer)
 
-    const json = express.json({ strict: true, limit: QUERY_LIMIT }), // application/json
-        urlencoded = middleware.urlencoded({ extended: false, limit: QUERY_LIMIT }); // application/x-www-form-urlencoded
+    const json = express.json({ strict: true, limit: QUERY_LIMIT }); // application/json
 
     app.set('json spaces', 2); // pretty json
 
@@ -56,7 +55,6 @@ async function initializeExpressSync() {
         // the timeout middleware will respond with a 503. the request itself cannot be 'aborted' and will continue
         // search for req.clearTimeout in route handlers to see places where this timeout is reset
         .use(middleware.timeout(REQUEST_TIMEOUT, { respond: true }))
-        .use(urlencoded)
         .use(middleware.cors({ origins: [ '*' ], allowCredentials: false }))
         .use(router)
         .use(notFoundHandler)