diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index e6d43f5d46d..1eed32b2197 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -281,7 +281,9 @@ class ApplicationController < ActionController::Base
     end
 
     def redirect_to_login_if_required
-      redirect_to :login if SiteSetting.login_required? && !current_user
+      return if current_user || (request.format.json? && api_key_valid?)
+
+      redirect_to :login if SiteSetting.login_required?
     end
 
     def build_not_found_page(status=404, layout=false)
diff --git a/spec/controllers/topics_controller_spec.rb b/spec/controllers/topics_controller_spec.rb
index e8500332f66..5e666724501 100644
--- a/spec/controllers/topics_controller_spec.rb
+++ b/spec/controllers/topics_controller_spec.rb
@@ -583,10 +583,22 @@ describe TopicsController do
       end
 
       context 'and the user is not logged in' do
+        let(:api_key) { topic.user.generate_api_key(topic.user) }
+
         it 'redirects to the login page' do
           get :show, topic_id: topic.id, slug: topic.slug
           expect(response).to redirect_to login_path
         end
+
+        it 'shows the topic if valid api key is provided' do
+          get :show, topic_id: topic.id, slug: topic.slug, api_key: api_key.key
+          expect(response).to be_successful
+        end
+
+        it 'redirects to the login page if invalid key is provided' do
+          get :show, topic_id: topic.id, slug: topic.slug, api_key: "bad"
+          expect(response).to redirect_to login_path
+        end
       end
     end
   end