diff --git a/backend/apis/nodejs/src/models/organization_model.js b/backend/apis/nodejs/src/models/organization_model.js
index d72ac75..5159424 100644
--- a/backend/apis/nodejs/src/models/organization_model.js
+++ b/backend/apis/nodejs/src/models/organization_model.js
@@ -111,7 +111,7 @@ async function remove(organizationId, requester) {
 }

 /**
- * Gets a list of Organizations given their prefix.
+ * Gets a list of Organizations given the prefix of their name.
 * E.g. "Can" --> "Canonical"
 * @param {*} name
 */
diff --git a/backend/apis/nodejs/src/routes/organization_routes.js b/backend/apis/nodejs/src/routes/organization_routes.js
index fdef101..9c5545e 100644
--- a/backend/apis/nodejs/src/routes/organization_routes.js
+++ b/backend/apis/nodejs/src/routes/organization_routes.js
@@ -163,8 +163,14 @@ async function getOrganization(req, res) {
 }
 }

-async function filterByPrefix(req, res) {
+async function filter(req, res) {
 try {
+ const errors = organizationValidator.validationResult(req);
+ if (!errors.isEmpty()) {
+ return res.status(400).json({
+ errors: errors.array()
+ });
+ }
 const organizations = await Organization.filterByPrefix(req.body.name);
 return res.status(200).json(organizations).send();
 } catch (error) {
@@ -180,7 +186,7 @@ async function filterByPrefix(req, res) {
 // that do not require the authorization, e.g. job offers
 const routes = express.Router();
 routes.get('/:id', organizationValidator.deleteOrGetOrganizationValidator, getOrganization);
-routes.post('/filterByPrefix', filterByPrefix);
+routes.post('/filter', organizationValidator.filterValidator, filter);
 routes.post('/', jwtUtils.verifyToken, organizationValidator.createOrganizationValidator, createOrganization);
 routes.patch('/:id', jwtUtils.verifyToken, organizationValidator.updateOrganizationValidator, updateOrganization);
 routes.delete('/:id', jwtUtils.verifyToken, organizationValidator.deleteOrGetOrganizationValidator, deleteOrganization);
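Review bot: `filter` passes `req.body.name` to `Organization.filterByPrefix`, yet the validator wired to this route is declared with `check('name')`, which (if it is express-validator's `check`) also accepts the field from the query string, route params, headers or cookies. A request that supplies a valid `name` in one of those places and none in the body would then likely pass validation while the model receives `undefined`. Declaring the rule as `body('name')` in `filterValidator` ties validation to the location the handler reads; the `body` import would have to be added outside the lines shown. The rest of `filter`'s `catch` branch lies past the end of this hunk.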
diff --git a/backend/apis/nodejs/src/utils/validators/organization_validator.js b/backend/apis/nodejs/src/utils/validators/organization_validator.js
index fca15d0..4afe80c 100644
--- a/backend/apis/nodejs/src/utils/validators/organization_validator.js
+++ b/backend/apis/nodejs/src/utils/validators/organization_validator.js
@@ -42,9 +42,17 @@ const deleteOrGetOrganizationValidator = [
 check('id').notEmpty().escape()
 ]

+const filterValidator = [
+ check('name').trim().notEmpty().escape().isLength({
+ min: 3, // to avoid database overhead
+ max: 128
+ }).withMessage('The name must be at least 3 characters and cannot exceed 128')
+]
+
 module.exports = {
 validationResult,
 createOrganizationValidator,
 updateOrganizationValidator,
- deleteOrGetOrganizationValidator
+ deleteOrGetOrganizationValidator,
+ filterValidator
 }
\ No newline at end of file
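Review bot: In `filterValidator`, `.escape()` runs before `.isLength()`, so the 3–128 bounds are measured on the HTML-encoded string: a one-character input such as `&` already counts as five. Checking the length first keeps the bounds on what the user typed, e.g. `check('name').trim().notEmpty().isLength({ min: 3, max: 128 }).withMessage('…').escape()`. Note too that `escape()` leaves the SQL wildcard characters `%` and `_` untouched, so if `Organization.filterByPrefix` (not shown) builds a `LIKE` pattern from this value, the `min: 3` guard alone will not keep the query selective; the model should escape them or this rule should restrict the allowed characters.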