diff --git a/lib/noosfero/api/helpers.rb b/lib/noosfero/api/helpers.rb
index b62249d..717f028 100644
--- a/lib/noosfero/api/helpers.rb
+++ b/lib/noosfero/api/helpers.rb
@@ -9,7 +9,7 @@ module Noosfero
  end
  def current_user
- private_token = params[PRIVATE_TOKEN_PARAM].to_s if params
+ private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s if params
  @current_user ||= User.find_by_private_token(private_token)
  @current_user = nil if !@current_user.nil? && @current_user.private_token_expired?
  @current_user
diff --git a/test/unit/api/helpers_test.rb b/test/unit/api/helpers_test.rb
index ab23150..945fa02 100644
--- a/test/unit/api/helpers_test.rb
+++ b/test/unit/api/helpers_test.rb
@@ -5,6 +5,12 @@ class APITest < ActiveSupport::TestCase
  include Noosfero::API::APIHelpers
+ def setup
+ @headers = {}
+ end
+
+ attr_accessor :headers
+
  should 'get the current user with valid token' do
  user = create_user('someuser')
  user.generate_private_token!
@@ -12,6 +18,13 @@ class APITest < ActiveSupport::TestCase
  assert_equal user, current_user
  end
+ should 'get the current user with valid token in header' do
+ user = create_user('someuser')
+ user.generate_private_token!
+ headers['Private-Token'] = user.private_token
+ assert_equal user, current_user
+ end
+
  should 'not get the current user with expired token' do
  user = create_user('someuser')
  user.generate_private_token!
@@ -154,4 +167,5 @@ class APITest < ActiveSupport::TestCase
  def params= value
  @params = value
  end
+
  end
--
libgit2 0.21.2
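Review bot: In `current_user`, the new fallback still ends in `.to_s`, so a request carrying neither the parameter nor the `Private-Token` header runs `User.find_by_private_token("")`. That lookup would return any account whose stored token is an empty string rather than NULL; the schema is not visible here, so this is worth confirming. `||` also falls through only on nil, so an empty `private_token=` parameter hides a valid header. Consider `private_token = (params[PRIVATE_TOKEN_PARAM].presence || headers['Private-Token']).to_s` followed by `return nil if private_token.blank?`. The trailing `if params` also means the header is never read when `params` is nil, and the method's closing `end` lies outside the hunk.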
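Review bot: The added test 'get the current user with valid token in header' pins only the accepted-token path, so a regression that lets the header bypass the rejection rules would go unnoticed. Two companion cases are missing. One sets `headers['Private-Token'] = 'invalid'` and ends with `assert_nil current_user`; the other mirrors the existing expired-token test but supplies the token through the header. A further case, sending a different token in `params` and in the header, would document that the parameter takes precedence, which the `||` in `current_user` implies but no test states.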