diff --git a/actions/api.php b/actions/api.php
index 21fe4eea32..a27d244929 100644
--- a/actions/api.php
+++ b/actions/api.php
@@ -131,13 +131,13 @@ class ApiAction extends Action
                                  'statuses/followers',
                                  'favorites/favorites');
 
-        # If the site is "private", all API methods need authentication
-
-        if (common_config('site', 'private')) {
-            return true;
-        }
-
         $fullname = "$this->api_action/$this->api_method";
+        
+        // If the site is "private", all API methods except laconica/config 
+        // need authentication
+        if (common_config('site', 'private')) {
+            return $fullname != 'laconica/config' || false;
+        }
 
         if (in_array($fullname, $bareauth)) {
             # bareauth: only needs auth if without an argument