diff --git a/include/asterisk/res_stir_shaken.h b/include/asterisk/res_stir_shaken.h
index 81e330c41d..7db676fc56 100644
--- a/include/asterisk/res_stir_shaken.h
+++ b/include/asterisk/res_stir_shaken.h
@@ -55,6 +55,7 @@ enum ast_stir_shaken_vs_response_code {
 	AST_STIR_SHAKEN_VS_NO_DEST_TN,
 	AST_STIR_SHAKEN_VS_INVALID_HEADER,
 	AST_STIR_SHAKEN_VS_INVALID_GRANT,
+	AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID,
 	AST_STIR_SHAKEN_VS_RESPONSE_CODE_MAX
 };
 
@@ -233,6 +234,16 @@ enum stir_shaken_failure_action_enum
 int	ast_stir_shaken_vs_get_use_rfc9410_responses(
 		struct ast_stir_shaken_vs_ctx *ctx);
 
+/*!
+ * \brief Get caller_id from context
+ *
+ * \param ctx VS context
+ *
+ * \retval Caller ID or NULL
+ */
+const char *ast_stir_shaken_vs_get_caller_id(
+		struct ast_stir_shaken_vs_ctx *ctx);
+
 /*!
  * \brief Add a STIR/SHAKEN verification result to a channel
  *
diff --git a/res/res_pjsip_stir_shaken.c b/res/res_pjsip_stir_shaken.c
index f64152f3a2..ea498942eb 100644
--- a/res/res_pjsip_stir_shaken.c
+++ b/res/res_pjsip_stir_shaken.c
@@ -44,10 +44,10 @@ enum sip_response_code {
 	SIP_RESPONSE_CODE_OK = 200,
 	SIP_RESPONSE_CODE_STALE_DATE = 403,
 	SIP_RESPONSE_CODE_USE_IDENTITY_HEADER = 428,
+	SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED = 433,
 	SIP_RESPONSE_CODE_BAD_IDENTITY_INFO = 436,
 	SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL = 437,
 	SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER = 438,
-	SIP_RESPONSE_CODE_USE_SUPPORTED_PASSPORT_FORMAT = 428,
 	SIP_RESPONSE_CODE_INTERNAL_ERROR = 500,
 };
 
@@ -55,7 +55,7 @@ enum sip_response_code {
 /* Response strings from RFC8224 */
 #define SIP_RESPONSE_CODE_STALE_DATE_STR "Stale Date"
 #define SIP_RESPONSE_CODE_USE_IDENTITY_HEADER_STR "Use Identity Header"
-#define SIP_RESPONSE_CODE_USE_SUPPORTED_PASSPORT_FORMAT_STR "Use Supported PASSporT Format"
+#define SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED_STR "Anonymity Disallowed"
 #define SIP_RESPONSE_CODE_BAD_IDENTITY_INFO_STR "Bad Identity Info"
 #define SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL_STR "Unsupported Credential"
 #define SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER_STR "Invalid Identity Header"
@@ -71,6 +71,7 @@ static const char *sip_response_code_to_str(enum sip_response_code code)
 	response_to_str(SIP_RESPONSE_CODE_OK)
 	response_to_str(SIP_RESPONSE_CODE_STALE_DATE)
 	response_to_str(SIP_RESPONSE_CODE_USE_IDENTITY_HEADER)
+	response_to_str(SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED)
 	response_to_str(SIP_RESPONSE_CODE_BAD_IDENTITY_INFO)
 	response_to_str(SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL)
 	response_to_str(SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER)
@@ -127,6 +128,7 @@ static enum sip_response_code vs_code_to_sip_code(
 	translate_code(INVALID_GRANT, 			INVALID_IDENTITY_HEADER)
 	translate_code(INVALID_OR_NO_GRANTS, 	INVALID_IDENTITY_HEADER)
 	translate_code(CID_ORIG_TN_MISMATCH, 	INVALID_IDENTITY_HEADER)
+	translate_code(INVALID_OR_NO_CID, 		ANONYMITY_DISALLOWED)
 	translate_code(RESPONSE_CODE_MAX, 		INVALID_IDENTITY_HEADER)
 	}
 
@@ -227,12 +229,10 @@ static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_r
 	}
 
 	/*
-	 * Shortcut:  If there's no callerid or profile name,
-	 * just bail now.
+	 * Shortcut:  If there's no profile name just bail now.
 	 */
-	if (ast_strlen_zero(caller_id)
-		|| ast_strlen_zero(session->endpoint->stir_shaken_profile)) {
-		SCOPE_EXIT_RTN_VALUE(0, "%s: No callerid or profile name. No action needed\n", session_name);
+	if (ast_strlen_zero(session->endpoint->stir_shaken_profile)) {
+		SCOPE_EXIT_RTN_VALUE(0, "%s: No profile name on endpoint. No action needed\n", session_name);
 	}
 
 	vs_rc = ast_stir_shaken_vs_ctx_create(caller_id, chan,
@@ -246,6 +246,17 @@ static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_r
 			session_name);
 	}
 
+	if (ast_strlen_zero(ast_stir_shaken_vs_get_caller_id(ctx))) {
+		p_rc = process_failure(ctx, caller_id, session, rdata,
+			AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID);
+		if (p_rc == PROCESS_FAILURE_CONTINUE) {
+			SCOPE_EXIT_RTN_VALUE(0, "%s: Invalid or no callerid found.  Call continuing\n",
+				session_name);
+		}
+		SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Invalid or no callerid found.  Call terminated\n",
+			session_name);
+	}
+
 	identity_hdr_val = ast_sip_rdata_get_header_value(rdata, identity_hdr_str);
 	if (ast_strlen_zero(identity_hdr_val)) {
 		p_rc = process_failure(ctx, caller_id, session, rdata,
diff --git a/res/res_stir_shaken/verification.c b/res/res_stir_shaken/verification.c
index 6e8366585c..f6609e6236 100644
--- a/res/res_stir_shaken/verification.c
+++ b/res/res_stir_shaken/verification.c
@@ -84,6 +84,7 @@ static const char *vs_rc_map[] = {
 	[AST_STIR_SHAKEN_VS_NO_DEST_TN] = "missing_dest_tn",
 	[AST_STIR_SHAKEN_VS_INVALID_HEADER] = "invalid_header",
 	[AST_STIR_SHAKEN_VS_INVALID_GRANT] = "invalid_grant",
+	[AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID] = "invalid_or_no_callerid",
 };
 
 const char *vs_response_code_to_str(
@@ -629,6 +630,12 @@ int ast_stir_shaken_vs_get_use_rfc9410_responses(
 	return ctx->eprofile->vcfg_common.use_rfc9410_responses;
 }
 
+const char *ast_stir_shaken_vs_get_caller_id(
+		struct ast_stir_shaken_vs_ctx *ctx)
+{
+	return ctx->caller_id;
+}
+
 void ast_stir_shaken_vs_ctx_set_response_code(
 	struct ast_stir_shaken_vs_ctx *ctx,
 	enum ast_stir_shaken_vs_response_code vs_rc)
@@ -687,11 +694,6 @@ enum ast_stir_shaken_vs_response_code
 			LOG_ERROR, "%s: Must provide tag\n", t);
 	}
 
-	if (ast_strlen_zero(canon_caller_id)) {
-		SCOPE_EXIT_LOG_RTN_VALUE(AST_STIR_SHAKEN_VS_INVALID_ARGUMENTS,
-		LOG_ERROR, "%s: Must provide caller_id\n", t);
-	}
-
 	ctx = ao2_alloc_options(sizeof(*ctx), ctx_destructor,
 		AO2_ALLOC_OPT_LOCK_NOLOCK);
 	if (!ctx) {