diff --git a/src/Classes/ServiceAPI/MyRadio_APIKey.php b/src/Classes/ServiceAPI/MyRadio_APIKey.php
index 83c7a467a..e8ce1f54c 100644
--- a/src/Classes/ServiceAPI/MyRadio_APIKey.php
+++ b/src/Classes/ServiceAPI/MyRadio_APIKey.php
@@ -6,6 +6,7 @@
 namespace MyRadio\ServiceAPI;
 use MyRadio\Iface\APICaller;
+use MyRadio\MyRadioException;
 /**
 * The APIKey Class provies information and management of API Keys for the MyRadio
@@ -39,8 +40,6 @@ class MyRadio_APIKey extends ServiceAPI implements APICaller
 protected function __construct($key)
 {
 $this->key = $key;
- $revoked = self::$db->fetchColumn('SELECT revoked from myury.api_key WHERE key_string=$1', [$key]);
- $this->revoked = ($revoked[0] == 't');
 $this->permissions = array_map(
 'intval',
 self::$db->fetchColumn(
@@ -66,4 +65,16 @@ public function isRevoked()
 {
 return $this->revoked;
 }
+
+ public static function factory($key)
+ {
+ $apiKey = new static($key);
+ $revoked = self::$db->fetchColumn('SELECT revoked from myury.api_key WHERE key_string=$1', [$key]);
+ if (count($revoked) === 0)
+ {
+ return null;
+ }
+ $apiKey->revoked = ($revoked[0] == 't');
+ return $apiKey;
+ }
 }
diff --git a/src/Controllers/traditional_auth.php b/src/Controllers/traditional_auth.php
index 107e03dcc..69e04c257 100644
--- a/src/Controllers/traditional_auth.php
+++ b/src/Controllers/traditional_auth.php
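Review bot: With the lookup moved out of the constructor, `revoked` is assigned only in `factory()`, so an instance built any other way leaves it unset and `isRevoked()` returns a falsy null, which reads as "not revoked". The property declaration is outside the hunk, so its default should be confirmed; failing closed is safer, e.g. `$this->revoked = true;` in the constructor, which `factory()` then overwrites. `factory()` also calls `new static($key)`, and with it the permissions query, before it knows the key exists; running the `SELECT revoked` first and returning null early avoids that work for unknown keys. A short docblock stating that null means "no such key" would help callers.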
@@ -7,15 +7,23 @@
 //Load the basic MyRadio framework
 use \MyRadio\MyRadio\URLUtils;
+use MyRadio\Config;
+use MyRadio\ServiceAPI\MyRadio_APIKey;
+use MyRadio\ServiceAPI\MyRadio_Swagger2;
 require_once __DIR__.'/root_cli.php';
+if (defined('SHIBBOBLEH_ALLOW_API') && SHIBBOBLEH_ALLOW_API === true &&
+ (isset($_REQUEST['api_key']) || isset($_REQUEST['apiKey']))) {
+ $caller = MyRadio_Swagger2::getAPICaller();
+ $authed = $caller instanceof MyRadio_APIKey && !$caller->isRevoked();
+} else {
+ $authed = isset($_SESSION['memberid']) && !$_SESSION['auth_use_locked'];
+}
+
 //Check the current authentication status of the user
-if ((!isset($_SESSION['memberid']) or $_SESSION['auth_use_locked'])
- && (!defined('SHIBBOBLEH_ALLOW_READONLY') or SHIBBOBLEH_ALLOW_READONLY === false)
-) {
+if (!$authed && (!defined('SHIBBOBLEH_ALLOW_READONLY') or SHIBBOBLEH_ALLOW_READONLY === false)) {
 //Authentication is required.
- header('HTTP/1.1 403 Forbidden');
 URLUtils::redirect('MyRadio', 'login', ['next' => $_SERVER['REQUEST_URI']]);
 exit;
 }
@@ -25,7 +33,6 @@
 && (defined('SHIBBOBLEH_REQUIRE_TIMESLOT') and SHIBBOBLEH_REQUIRE_TIMESLOT)
 ) {
 //Timeslot needs configuring
- header('HTTP/1.1 403 Forbidden');
 URLUtils::redirect('MyRadio', 'timeslot', ['next' => $_SERVER['REQUEST_URI']]);
 exit;
 }
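Review bot: The API-key branch sets `$authed` from key existence and revocation only, so any live key passes this gate for every controller that defines `SHIBBOBLEH_ALLOW_API`, whatever the `permissions` loaded for that key contain. Whether a later per-action check covers API callers is not visible in this hunk; if none does, the key's permissions should be checked here or in the opted-in controllers. `$_REQUEST` also accepts the key from the query string, where it ends up in access logs and Referer headers, so a request header or POST body is a safer transport for it. With the 403 header removed, a rejected key is answered with a redirect to the login page; for API-key requests an explicit 401/403 response without the redirect would let clients detect the failure.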