diff --git a/restapi/index.php b/restapi/index.php
index 211386a55..242bef52f 100644
--- a/restapi/index.php
+++ b/restapi/index.php
@@ -2367,9 +2367,9 @@ class Auth { /* {{{ */
         }
         /* The preflight options request doesn't have authorization in the header. So
          * don't even try to authorize.
-         */
+				 */
         if($request->getMethod() == 'OPTIONS') {
-        } elseif(!in_array($request->getUri()->getPath(), array('echo', 'login'))) {
+				} elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/') {
             $userobj = null;
             if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
                 if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {