diff --git a/pkg/server/token.go b/pkg/server/token.go
index 38629b5d2..24b32f283 100644
--- a/pkg/server/token.go
+++ b/pkg/server/token.go
@@ -6,23 +6,15 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
 
-	"github.com/drone/drone/pkg/server/session"
 	common "github.com/drone/drone/pkg/types"
 )
 
 // POST /api/user/tokens
 func PostToken(c *gin.Context) {
-	settings := ToSettings(c)
+	sess := ToSession(c)
 	store := ToDatastore(c)
 	user := ToUser(c)
 
-	// if a session secret is not defined there is no way to
-	// generate jwt user tokens, so we must throw an error
-	if settings.Session == nil || len(settings.Session.Secret) == 0 {
-		c.String(500, "User tokens are not configured")
-		return
-	}
-
 	in := &common.Token{}
 	if !c.BindWith(in, binding.JSON) {
 		return
@@ -43,14 +35,6 @@ func PostToken(c *gin.Context) {
 		return
 	}
 
-	var sess session.Session
-	val, _ := c.Get("session")
-	if val != nil {
-		sess = val.(session.Session)
-	} else {
-		sess = session.New(settings.Session)
-	}
-
 	jwt, err := sess.GenerateToken(token)
 	if err != nil {
 		c.Fail(400, err)