diff --git a/app/__init__.py b/app/__init__.py
index 3c86907a..8d932d71 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -130,7 +130,9 @@ def authorized_with_valid_token(f):
         @wraps(f)
         def decorated_function(*args, **kwargs):
 
-            if settings.debug_oidc_token:
+            if 'token' in session:
+                oidc_blueprint.session.token = {'access_token': session['token']}
+            elif settings.debug_oidc_token:
                 oidc_blueprint.session.token = {'access_token': settings.debug_oidc_token}
             else:
                 try:
@@ -193,9 +195,9 @@ def home():
 
         # To make easier test endpoints
         if 'token' in request.args:
-            settings.debug_oidc_token = request.args['token']
-
-        if settings.debug_oidc_token:
+            session["token"] = request.args['token']
+            oidc_blueprint.session.token = {'access_token': request.args['token']}
+        elif settings.debug_oidc_token:
             oidc_blueprint.session.token = {'access_token': settings.debug_oidc_token}
         else:
             if not oidc_blueprint.session.authorized: