diff --git a/src/services/etapi_tokens.js b/src/services/etapi_tokens.js
index d56c31bd9..61c6fc8e8 100644
--- a/src/services/etapi_tokens.js
+++ b/src/services/etapi_tokens.js
@@ -37,11 +37,15 @@ function parseAuthToken(auth) {
 const basicAuthStr = utils.fromBase64(auth.substring(6)).toString("UTF-8");
 const basicAuthChunks = basicAuthStr.split(":");
 
- if (basicAuthChunks.length === 2) {
- auth = basicAuthChunks[1];
- } else {
+ if (basicAuthChunks.length !== 2) {
 return null;
 }
+
+ if (basicAuthChunks[0] !== "etapi") {
+ return null;
+ }
+
+ auth = basicAuthChunks[1];
 }
 
 const chunks = auth.split("_");
diff --git a/test-etapi/basic-auth.http b/test-etapi/basic-auth.http
index 88c76b7c2..cf79c357e 100644
--- a/test-etapi/basic-auth.http
+++ b/test-etapi/basic-auth.http
@@ -1,5 +1,5 @@
 GET {{triliumHost}}/etapi/app-info
-Authorization: Basic whatever {{authToken}}
+Authorization: Basic etapi {{authToken}}
 
 > {% client.assert(response.status === 200);
@@ -9,6 +9,13 @@ Authorization: Basic whatever {{authToken}}
 ###
 
 GET {{triliumHost}}/etapi/app-info
-Authorization: Basic whatever wrong pass
+Authorization: Basic etapi wrong
+
+> {% client.assert(response.status === 401); %}
+
+###
+
+GET {{triliumHost}}/etapi/app-info
+Authorization: Basic wrong {{authToken}}
 
 > {% client.assert(response.status === 401); %}
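Review bot: The new `basicAuthChunks[0] !== "etapi"` check carries no comment explaining why the user-id is a fixed literal, and nothing else in the hunk says so; a reader will otherwise wonder whether the user name is free-form or whether the test fixtures chose "etapi" arbitrarily. Suggest `// ETAPI Basic auth is "etapi:<token>": the user-id must be the literal "etapi", the password is the token` directly above that `if`. Secondarily, `basicAuthStr.split(":")` combined with `length !== 2` rejects any credential whose password contains a colon; RFC 7617 forbids ':' only in the user-id, so splitting at the first colon (`const sep = basicAuthStr.indexOf(":")`) would be the strictly correct form, though for the underscore-delimited tokens parsed by the `auth.split("_")` line below this is harmless today. The enclosing parseAuthToken begins before the hunk and continues after it, so the `auth.substring(6)` prefix assumption is presumably validated there.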