diff --git a/Action.php b/Action.php
index 8cc4f87..8ccd5e2 100644
--- a/Action.php
+++ b/Action.php
@@ -208,7 +208,7 @@ private function checkState($route)
             $this->throwError('This API has been disabled.', 403);
         }
         $token = $this->request->getHeader('token');
-        if (!empty($token) && $token != $this->config->apiToken) {
+        if ($this->config->apiToken && $token != $this->config->apiToken) {
             $this->throwError('apiToken is invalid', 403);
         }
     }