diff --git a/api/models/token.py b/api/models/token.py
index 81c0373e..e0ad6646 100644
--- a/api/models/token.py
+++ b/api/models/token.py
@@ -25,11 +25,12 @@ class APIUserToken(models.Model):
 return self.token
 @staticmethod
- def get_user_from_token(token: str):
+ def get_user_from_token(token: str, username: str):
 """ Getter for the related user object
 Args:
 token (str): The used token
+ username (str): The username
 Returns:
 user (User): Otherwise None
@@ -38,11 +39,12 @@ class APIUserToken(models.Model):
 try:
 token_obj = APIUserToken.objects.get(
 token=token,
+ user__username=username
 )
 if not token_obj.is_active:
 raise PermissionError("Token unverified")
 if token_obj.valid_until is not None and token_obj.valid_until < _today:
 raise PermissionError("Token validity expired")
 except ObjectDoesNotExist:
- raise PermissionError("Token invalid")
+ raise PermissionError("Credentials invalid")
 return token_obj.user
diff --git a/api/settings.py b/api/settings.py
index ad7afef1..27cd8e51 100644
--- a/api/settings.py
+++ b/api/settings.py
@@ -5,4 +5,5 @@ Contact: michel.peltriaux@sgdnord.rlp.de
 Created on: 21.01.22
 """
-KSP_TOKEN_HEADER_IDENTIFIER = "Ksptoken"
\ No newline at end of file
+KSP_TOKEN_HEADER_IDENTIFIER = "Ksptoken"
+KSP_USER_HEADER_IDENTIFIER = "Kspuser"
\ No newline at end of file
diff --git a/api/tests/v1/share/test_api_sharing.py b/api/tests/v1/share/test_api_sharing.py
index d5c8b057..9e7c9eec 100644
--- a/api/tests/v1/share/test_api_sharing.py
+++ b/api/tests/v1/share/test_api_sharing.py
@@ -20,6 +20,7 @@ class BaseAPIV1TestCase(BaseTestCase):
 cls.header_data = {
 "HTTP_ksptoken": cls.superuser.api_token.token,
+ "HTTP_kspuser": cls.superuser.username,
 }
diff --git a/api/views/views.py b/api/views/views.py
index 4e0899f2..fb4f6df1 100644
--- a/api/views/views.py
+++ b/api/views/views.py
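Review bot: The docstring's `Returns: user (User): Otherwise None` does not describe the new code: in the second hunk of this file every visible failure path raises PermissionError and nothing returns None, so the added `username` entry should come with a `Raises:` section, e.g. `Raises:` / `PermissionError: token unknown for this username, not yet verified, or expired`. The new `username (str): The username` line should also say what it is checked against — `username (str): Username the token must belong to; matched together with the token` — and note that both arguments may arrive as None when the caller's header is absent, since api/views/views.py forwards `request.headers.get(..., None)` unchanged. get_user_from_token's body continues past this hunk.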
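Review bot: A missing request header reaches the ORM lookup as `None`, because `dispatch` in api/views/views.py passes `request.headers.get(..., None)` straight through, and `objects.get(token=None, user__username=None)` becomes a NULL-match query instead of an outright rejection; guard before the `try`: `if not token or not username:` / `    raise PermissionError("Credentials invalid")`. Keeping one "Credentials invalid" message for the missing-header case and the `ObjectDoesNotExist` case is the right choice — a caller cannot tell whether the token or the username was the wrong part — so the guard should reuse that exact text. `MultipleObjectsReturned` from `objects.get` is not caught here; whether the token column is unique is not visible in this diff, and if it is not, it belongs in the `except` alongside `ObjectDoesNotExist`. The signature and docstring are in the previous hunk; the lines between the two hunks are not shown.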
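Review bot: The shared fixture only exercises the matching token/username pair, so the new `user__username` constraint in api/models/token.py has no negative coverage in this commit. Add a test that sends the superuser's token with a different user's name in `HTTP_kspuser`, and one that omits the `HTTP_kspuser` header entirely, and assert that both requests are rejected, so a regression that drops the username check is caught. The enclosing setup method continues outside the hunk.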
@@ -13,7 +13,7 @@ from django.views import View
 from django.views.decorators.csrf import csrf_exempt
 from api.models import APIUserToken
-from api.settings import KSP_TOKEN_HEADER_IDENTIFIER
+from api.settings import KSP_TOKEN_HEADER_IDENTIFIER, KSP_USER_HEADER_IDENTIFIER
 from compensation.models import EcoAccount
 from ema.models import Ema
 from intervention.models import Intervention
@@ -39,7 +39,9 @@ class AbstractAPIView(View):
 def dispatch(self, request, *args, **kwargs):
 try:
 # Fetch the proper user from the given request header token
- self.user = APIUserToken.get_user_from_token(request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None))
+ ksp_token = request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)
+ ksp_user = request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)
+ self.user = APIUserToken.get_user_from_token(ksp_token, ksp_user)
 if not self.user.is_default_user():
 raise PermissionError("Default permissions required")
 except PermissionError as e:
diff --git a/locale/de/LC_MESSAGES/django.mo b/locale/de/LC_MESSAGES/django.mo
index 714249f6..cb58ae7f 100644
Binary files a/locale/de/LC_MESSAGES/django.mo and b/locale/de/LC_MESSAGES/django.mo differ
diff --git a/locale/de/LC_MESSAGES/django.po b/locale/de/LC_MESSAGES/django.po
index c3e256ff..40c27fe3 100644
--- a/locale/de/LC_MESSAGES/django.po
+++ b/locale/de/LC_MESSAGES/django.po
@@ -26,7 +26,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-01-27 11:44+0100\n"
+"POT-Creation-Date: 2022-01-28 16:27+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
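Review bot: The comment `# Fetch the proper user from the given request header token` above the new lines is now stale, since the lookup also requires the username header; it should read `# Resolve the user from the token + username request headers; both must match one active token`. Style: the explicit `None` default in `request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER, None)` and `request.headers.get(KSP_USER_HEADER_IDENTIFIER, None)` is redundant, as `.get()` already returns None, so `request.headers.get(KSP_TOKEN_HEADER_IDENTIFIER)` suffices. Absent headers are forwarded as None and rely on `get_user_from_token` to reject them; rejecting here with the same PermissionError path would keep that failure mode explicit at the request boundary. `dispatch` continues after the hunk — the body of the `except PermissionError as e:` handler is not shown.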
@@ -1950,15 +1950,16 @@ msgstr "Hallo Support"
 msgid "you need to verify the API token for user"
 msgstr "Sie müssen einen API Token für folgenden Nutzer freischalten"
-#: templates/email/api/verify_token.html:13
+#: templates/email/api/verify_token.html:15
 msgid ""
 "If unsure, please contact the user. The API token can not be used until you "
 "activated it in the admin backend."
 msgstr ""
-"Falls Sie sich unsicher sind, kontaktieren Sie den Nutzer vorher. Der API Token kann so lange nicht verwendet werden, "
-"wie er noch nicht von Ihnen im Admin Backend aktiviert worden ist."
+"Falls Sie sich unsicher sind, kontaktieren Sie den Nutzer vorher. Der API "
+"Token kann so lange nicht verwendet werden, wie er noch nicht von Ihnen im "
+"Admin Backend aktiviert worden ist."
-#: templates/email/api/verify_token.html:16
+#: templates/email/api/verify_token.html:18
 #: templates/email/checking/shared_data_checked.html:17
 #: templates/email/deleting/shared_data_deleted.html:17
 #: templates/email/recording/shared_data_recorded.html:17
@@ -2354,15 +2355,15 @@ msgstr "Aktueller Token"
 msgid "Authenticated by admins"
 msgstr "Von Admin freigeschaltet"
-#: user/templates/user/token.html:16
+#: user/templates/user/token.html:18
 msgid "Token has been verified and can be used"
 msgstr "Token wurde freigeschaltet und kann verwendet werden"
-#: user/templates/user/token.html:18
+#: user/templates/user/token.html:20
 msgid "Token waiting for verification"
 msgstr "Token noch nicht freigeschaltet"
-#: user/templates/user/token.html:22
+#: user/templates/user/token.html:24
 msgid "Valid until"
 msgstr "Läuft ab am"