diff --git a/itou/www/job_seekers_views/views.py b/itou/www/job_seekers_views/views.py index e953223e4f..8c4b064f6f 100644 --- a/itou/www/job_seekers_views/views.py +++ b/itou/www/job_seekers_views/views.py @@ -785,7 +785,7 @@ def setup(self, request, *args, **kwargs): self.job_seeker_session = SessionNamespace.create_uuid_namespace( request.session, data={ - "config": {"from_url": from_url}, + "config": {"from_url": from_url, "tunnel": "job-seeker-update"}, "job_seeker_pk": job_seeker.pk, "apply": {"company_pk": company.pk}, }, @@ -809,6 +809,11 @@ def get_job_seeker_queryset(self): def setup(self, request, *args, **kwargs): super().setup(request, *args, **kwargs) + + # Check that the session was initialized to update a job seeker. + if self.job_seeker_session.get("config").get("tunnel") != "job-seeker-update": + raise Http404 + self.job_seeker = get_object_or_404( self.get_job_seeker_queryset(), pk=self.job_seeker_session.get("job_seeker_pk") ) diff --git a/tests/www/apply/test_submit.py b/tests/www/apply/test_submit.py index 55fafc2744..8d99e328fc 100644 --- a/tests/www/apply/test_submit.py +++ b/tests/www/apply/test_submit.py @@ -3482,7 +3482,7 @@ def setup_method(self, settings, mocker): ) self.config = { "apply": {"company_pk": self.company.pk}, - "config": {"from_url": from_url}, + "config": {"from_url": from_url, "tunnel": "job-seeker-update"}, "job_seeker_pk": self.job_seeker.pk, } self.step_1_url = reverse( diff --git a/tests/www/job_seekers_views/test_create_or_update.py b/tests/www/job_seekers_views/test_create_or_update.py index a9d5e6b375..84b33c3f9a 100644 --- a/tests/www/job_seekers_views/test_create_or_update.py +++ b/tests/www/job_seekers_views/test_create_or_update.py 
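Review bot: The tunnel name `"job-seeker-update"` written into the session config in the first views.py hunk is a bare string literal that the guard added in the second views.py hunk, and the fixtures in both test files, must match character for character. Because that guard raises Http404 on any mismatch, a typo on either side fails closed but locks every user out of the update flow without an obvious error. A module-level constant shared by the writer and the check, for example `JOB_SEEKER_UPDATE_TUNNEL = "job-seeker-update"`, would keep them in step. The new test already uses a second value, "job-seeker-create", so an enum of tunnel names may fit better. The enclosing setup() starts and ends outside the hunk.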
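Review bot: The chained lookup `self.job_seeker_session.get("config").get("tunnel")` in the new guard assumes "config" is always present and is a dict. If SessionNamespace.get returns None or a sentinel for a missing key (its implementation is not visible here), the second `.get` raises and the request ends as a 500 instead of the intended 404. Reading the config defensively keeps the guard failing closed: `config = self.job_seeker_session.get("config")` followed by `if not isinstance(config, dict) or config.get("tunnel") != "job-seeker-update": raise Http404`. Namespaces created before this change carry no "tunnel" key, so users who are mid-flow at deploy time will get a 404, which is the safe direction but worth a release note. The added comment restates the condition; it would help more if it said why the check exists, namely that a session UUID created by another flow must not be accepted by the update views.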
@@ -8,7 +8,9 @@ from itou.asp.models import Commune, Country from itou.users.enums import Title +from itou.utils.session import SessionNamespace from tests.companies.factories import CompanyFactory +from tests.prescribers.factories import PrescriberOrganizationWithMembershipFactory from tests.users.factories import JobSeekerFactory from tests.utils.test import KNOWN_SESSION_KEYS @@ -190,6 +192,30 @@ def test_birth_country_france_and_no_birthplace(self, client): ) +class TestUpdateJobSeeker: + def test_update_with_wrong_tunnel_in_session(self, client): + job_seeker = JobSeekerFactory() + company = CompanyFactory(with_membership=True) + prescriber = PrescriberOrganizationWithMembershipFactory(authorized=True).members.first() + client.force_login(prescriber) + + # Create a session with a wrong tunnel key + job_seeker_session = SessionNamespace.create_uuid_namespace( + client.session, + data={ + "config": {"from_url": reverse("dashboard:index"), "tunnel": "job-seeker-create"}, + "job_seeker_pk": job_seeker.pk, + "apply": {"company_pk": company.pk}, + }, + ) + job_seeker_session.save() + + url = reverse("job_seekers_views:update_job_seeker_step_1", kwargs={"session_uuid": job_seeker_session.name}) + response = client.get(url) + + assert response.status_code == 404 + + class TestUpdateJobSeekerStart: def test_update_start_with_valid_parameters(self, client): job_seeker = JobSeekerFactory()
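Review bot: test_update_with_wrong_tunnel_in_session covers only a namespace whose "tunnel" holds a different value. A namespace with no "tunnel" key at all (one created by a flow that never sets it, or before this change) is not exercised. Parametrizing the config, for example `@pytest.mark.parametrize("extra", [{"tunnel": "job-seeker-create"}, {}])` with `"config": {"from_url": reverse("dashboard:index"), **extra}`, would pin both cases; whether pytest is already imported in this file is not visible in the hunk. The test also requests only update_job_seeker_step_1. If the check lives in a setup() shared by the later steps, as the views.py hunk suggests, asserting a 404 on one of those URLs would confirm the guard is not specific to step 1.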