diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 6b2efdd..3c69600 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -11,4 +11,5 @@ en:
     oauth2_json_name_path: "Path in the OAuth2 User JSON to the user's full: user.name.full"
     oauth2_json_email_path: "Path in the OAuth2 User JSON to the user's email: user.email.primary"
     oauth2_email_verified: "Check this if the OAuth2 site has verified the email"
+    oauth2_send_auth_header: "Send the token as an HTTP Authorization header"
 
diff --git a/config/settings.yml b/config/settings.yml
index 4f4345e..31bb8f1 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -12,6 +12,7 @@ login:
   oauth2_json_name_path: ''
   oauth2_json_email_path: ''
   oauth2_email_verified: false
+  oauth2_send_auth_header: true
   oauth2_button_title:
     default: 'with OAuth2'
     client: true
diff --git a/plugin.rb b/plugin.rb
index 6039663..2eca4db 100644
--- a/plugin.rb
+++ b/plugin.rb
@@ -1,6 +1,6 @@
 # name: discourse-oauth2-basic
 # about: Generic OAuth2 Plugin
-# version: 0.1
+# version: 0.2
 # authors: Robin Ward
 
 require_dependency 'auth/oauth2_authenticator.rb'
@@ -20,7 +20,9 @@ class OAuth2BasicAuthenticator < ::Auth::OAuth2Authenticator
                           authorize_url: SiteSetting.oauth2_authorize_url,
                           token_url: SiteSetting.oauth2_token_url
                         }
-                        opts[:token_params] = {headers: {'Authorization' => basic_auth_header }}
+                        if SiteSetting.oauth2_send_auth_header?
+                          opts[:token_params] = {headers: {'Authorization' => basic_auth_header }}
+                        end
                       }
   end