diff --git a/apiserver/BUILD b/apiserver/BUILD
index 00216459..6c472fc1 100644
--- a/apiserver/BUILD
+++ b/apiserver/BUILD
@@ -21,6 +21,7 @@ go_library(
         "//pkg/genericapiserver:go_default_library",
         "//pkg/genericapiserver/authorizer:go_default_library",
         "//pkg/genericapiserver/options:go_default_library",
+        "//pkg/kubeapiserver/options:go_default_library",
         "//pkg/registry/generic:go_default_library",
         "//pkg/runtime/schema:go_default_library",
         "//pkg/storage/storagebackend:go_default_library",
diff --git a/apiserver/apiserver.go b/apiserver/apiserver.go
index 61abfca4..28aa112e 100644
--- a/apiserver/apiserver.go
+++ b/apiserver/apiserver.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/kubernetes/pkg/genericapiserver"
 	"k8s.io/kubernetes/pkg/genericapiserver/authorizer"
 	genericoptions "k8s.io/kubernetes/pkg/genericapiserver/options"
+	kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options"
 	"k8s.io/kubernetes/pkg/registry/generic"
 	"k8s.io/kubernetes/pkg/runtime/schema"
 	"k8s.io/kubernetes/pkg/storage/storagebackend"
@@ -60,7 +61,7 @@ type ServerRunOptions struct {
 	Etcd                    *genericoptions.EtcdOptions
 	SecureServing           *genericoptions.SecureServingOptions
 	InsecureServing         *genericoptions.ServingOptions
-	Authentication          *genericoptions.BuiltInAuthenticationOptions
+	Authentication          *kubeoptions.BuiltInAuthenticationOptions
 }
 
 func NewServerRunOptions() *ServerRunOptions {
@@ -69,7 +70,7 @@ func NewServerRunOptions() *ServerRunOptions {
 		Etcd:            genericoptions.NewEtcdOptions(),
 		SecureServing:   genericoptions.NewSecureServingOptions(),
 		InsecureServing: genericoptions.NewInsecureServingOptions(),
-		Authentication:  genericoptions.NewBuiltInAuthenticationOptions().WithAll(),
+		Authentication:  kubeoptions.NewBuiltInAuthenticationOptions().WithAll(),
 	}
 	s.InsecureServing.BindPort = InsecurePort
 	s.SecureServing.ServingOptions.BindPort = SecurePort
@@ -107,7 +108,7 @@ func (serverOptions *ServerRunOptions) Run(stopCh <-chan struct{}) error {
 	if _, err := config.ApplySecureServingOptions(serverOptions.SecureServing); err != nil {
 		return fmt.Errorf("failed to configure https: %s", err)
 	}
-	if _, err := config.ApplyAuthenticationOptions(serverOptions.Authentication); err != nil {
+	if err := serverOptions.Authentication.Apply(config); err != nil {
 		return fmt.Errorf("failed to configure authentication: %s", err)
 	}