diff --git a/bin/access-tokens.js b/bin/access-tokens.js
new file mode 100755
index 00000000..fb81a770
--- /dev/null
+++ b/bin/access-tokens.js
@@ -0,0 +1,20 @@
+#!/usr/bin/env node
+
+'use strict';
+
+const config = require('wild-config');
+const db = require('../lib/db');
+const errors = require('../lib/errors');
+const log = require('npmlog');
+
+// Initialize database connection
+db.connect(err => {
+    if (err) {
+        log.error('Db', 'Failed to setup database connection');
+        errors.notify(err);
+        return setTimeout(() => process.exit(1), 3000);
+    }
+
+    log.info('Future feature');
+    process.exit();
+});
diff --git a/config/api.toml b/config/api.toml
index ec4b7b1e..474b9c40 100644
--- a/config/api.toml
+++ b/config/api.toml
@@ -10,6 +10,15 @@ secure=false
 # http://localhost:8080/users?accessToken=somesecretvalue
 #accessToken="somesecretvalue"
 
+[accessControl]
+# If true then require a valid access token to perform API calls
+enabled=false
+# If enabled then encrypt access tokens with the secret password. By default the tokens
+# are not encrypted and stored as cleartext. Once set up do not change these values,
+# otherwise decrypting tokens is going to fail
+#cipher="aes192"
+#secret="a secret cat"
+
 [tls]
 # If certificate path is not defined, use global or built-in self-signed certs
 #key="/path/to/server/key.pem"