diff --git a/includes/class-mastodon-api.php b/includes/class-mastodon-api.php
index 831b6133..b113dd7e 100644
--- a/includes/class-mastodon-api.php
+++ b/includes/class-mastodon-api.php
@@ -598,7 +598,7 @@ public function add_rest_routes() {
 			array(
 				'methods'             => array( 'GET', 'OPTIONS' ),
 				'callback'            => array( $this, 'api_search' ),
-				'permission_callback' => array( $this, 'have_token_permission' ),
+				'permission_callback' => array( $this, 'logged_in_permission' ),
 			)
 		);
 
@@ -774,18 +774,6 @@ public function logged_in_permission( $request ) {
 		return is_user_logged_in();
 	}
 
-	public function have_token_permission( $request ) {
-		$this->allow_cors();
-		$token = $this->oauth->get_token();
-		if ( ! $token ) {
-			return is_user_logged_in();
-		}
-		OAuth2\AccessTokenStorage::was_used( $token['access_token'] );
-		$this->app = Mastodon_App::get_by_client_id( $token['client_id'] );
-		$this->app->was_used( $request );
-		return true;
-	}
-
 	public function logged_in_for_private_permission( $request ) {
 		$post_id = $request->get_param( 'post_id' );
 		if ( ! $post_id ) {
@@ -1575,9 +1563,21 @@ public function api_search( $request ) {
 					}
 				}
 			} elseif ( is_user_logged_in() ) {
-				$args['s'] = $request->get_param( 'q' );
-				$args['offset'] = $request->get_param( 'offset' );
-				$args['posts_per_page'] = $request->get_param( 'limit' );
+				$q_param = $request->get_param( 'q' );
+				if ( null !== $q_param ) {
+					$args['s'] = $q_param;
+				}
+
+				$offset_param = $request->get_param( 'offset' );
+				if ( null !== $offset_param ) {
+					$args['offset'] = $offset_param;
+				}
+
+				$ppp_param = $request->get_param( 'limit' );
+				if ( null !== $ppp_param ) {
+					$args['posts_per_page'] = $ppp_param;
+				}
+
 				$ret['statuses'] = array_merge( $ret['statuses'], $this->get_posts( $args ) );
 			}
 		}