diff --git a/composer.json b/composer.json
index bd39a204e7..98a77a6f1a 100644
--- a/composer.json
+++ b/composer.json
@@ -50,7 +50,7 @@
 "alchemy/embed-bundle": "^0.3.4",
 "alchemy/geonames-api-consumer": "~0.1.0",
 "alchemy/mediavorus": "^0.4.4",
- "alchemy/oauth2php": "1.0.0",
+ "alchemy/oauth2php": "1.1.0",
 "alchemy/phlickr": "0.2.9",
 "alchemy/phpexiftool": "^0.7.0",
 "alchemy/rest-bundle": "^0.0.5",
diff --git a/composer.lock b/composer.lock
index fafac96e4e..80ccaa0827 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "253990d4c81f9ae5f78c6c1221d6cf29", + "content-hash": "adf4074eb26ea80d414430d4f7b61311", "packages": [ { "name": "alchemy-fr/tcpdf-clone",
@@ -337,16 +337,16 @@ }, { "name": "alchemy/oauth2php", - "version": "1.0.0", + "version": "1.1.0", "source": { "type": "git", "url": "https://github.com/alchemy-fr/oauth2-php.git", - "reference": "cb4fcb73e30ab54e0fb85a65b4d57147f7a0df15" + "reference": "801510972240555fa182813851efd96659d37a68" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/alchemy-fr/oauth2-php/zipball/cb4fcb73e30ab54e0fb85a65b4d57147f7a0df15", - "reference": "cb4fcb73e30ab54e0fb85a65b4d57147f7a0df15", + "url": "https://api.github.com/repos/alchemy-fr/oauth2-php/zipball/801510972240555fa182813851efd96659d37a68", + "reference": "801510972240555fa182813851efd96659d37a68", "shasum": "" }, "type": "library",
@@ -356,7 +356,7 @@ ] }, "notification-url": "https://packagist.org/downloads/", - "time": "2013-07-01T09:46:59+00:00" + "time": "2019-01-17T14:34:10+00:00" }, { "name": "alchemy/phlickr",
diff --git a/config/configuration.sample.yml b/config/configuration.sample.yml
index 5ae54d2134..050b6562c1 100644
--- a/config/configuration.sample.yml
+++ b/config/configuration.sample.yml
@@ -7,6 +7,7 @@ main:
 languages: []
 key: ''
 api_require_ssl: true
+ api_token_header: false
 database:
 host: 127.0.0.1
 port: 3306
diff --git a/lib/classes/API/OAuth2/Adapter.php b/lib/classes/API/OAuth2/Adapter.php
index c674aa277b..4de6639d4d 100644
--- a/lib/classes/API/OAuth2/Adapter.php
+++ b/lib/classes/API/OAuth2/Adapter.php
@@ -537,7 +537,11 @@ class API_OAuth2_Adapter extends OAuth2
 public function verifyAccessToken($scope = null, $exit_not_present = true, $exit_invalid = true, $exit_expired = true, $exit_scope = true, $realm = null)
 {
- $token_param = $this->getAccessTokenParams();
+ $apiTokenHeader = $this->app['conf']->get(['main', 'api_token_header']);
+
+ $useTokenHeader = $this->useTokenHeaderChoice($apiTokenHeader);
+
+ $token_param = $this->getAccessTokenParams($useTokenHeader);
 // Access token was not provided
 if ($token_param === false) {
@@ -808,4 +812,21 @@ class API_OAuth2_Adapter extends OAuth2
 return false;
 }
 }
+
+ /**
+ * Get the correct constante to call on Oauth2
+ *
+ * @param $apiTokenHeader
+ * @return string
+ */
+ private function useTokenHeaderChoice($apiTokenHeader)
+ {
+ if ($apiTokenHeader === true) {
+ return Oauth2::TOKEN_ONLY_IN_HEADER;
+ } elseif ($apiTokenHeader === false) {
+ return Oauth2::TOKEN_ONLY_IN_GETPOST;
+ } else {
+ return Oauth2::TOKEN_AUTO_FIND;
+ }
+ }
 }
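Review bot: The sample ships `api_token_header: false` with no comment, and per the `useTokenHeaderChoice()` mapping added to Adapter.php in this commit that value selects `Oauth2::TOKEN_ONLY_IN_GETPOST`, so an installation created from this sample would read API tokens from request parameters only. Judging by the constant names, a token sent in the `Authorization` header would then be ignored, while tokens carried in query strings tend to end up in access logs, proxy logs and Referer headers. The key is also tri-state (true, false, or absent), which the sample does not show. I would add a comment above the key such as `# true: token only from the Authorization header; false: only from GET/POST parameters; unset: accept either`, and reconsider whether `false` is the right shipped default.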
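Review bot: The lookup `$this->app['conf']->get(['main', 'api_token_header'])` passes no default, so what an installation whose configuration file predates this key receives depends on how `get` treats a missing key. If that is null, such installs fall through to the `else` branch of `useTokenHeaderChoice()` (`TOKEN_AUTO_FIND`) while installs built from the new sample get `false`, and the two accept tokens differently without anything in the code saying so. A comment on the lookup such as `// absent key => auto-detect (header or GET/POST)`, or an explicit default if `get` accepts one, would make that intentional. The body of `verifyAccessToken()` continues past the end of this hunk.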
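Review bot: The strict `=== true` / `=== false` comparisons in `useTokenHeaderChoice()` send every other value, including the string `'true'`, `1` or a mistyped YAML scalar, to `TOKEN_AUTO_FIND` without any warning, so an operator who believes header-only mode is enforced may still be accepting tokens from request parameters. The docblock does not describe this: `@param` has no type and the summary has a typo ("constante"); something like `@param bool|null $apiTokenHeader true: header only, false: GET/POST only, any other value: auto-detect` would state the contract. `@return string` should be checked against the actual type of the `TOKEN_*` constants, which are not visible here. The class is referenced as `Oauth2::` while the declaration reads `extends OAuth2`; PHP resolves both, but `OAuth2::TOKEN_ONLY_IN_HEADER` (or `self::`) would match the rest of the file.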