diff --git a/kernel/api/router.go b/kernel/api/router.go
index fcd7fffb2..e74ef56ac 100644
--- a/kernel/api/router.go
+++ b/kernel/api/router.go
@@ -37,6 +37,7 @@ func ServeAPI(ginServer *gin.Engine) {
 	// 需要鉴权
 
 	ginServer.Handle("POST", "/api/system/getEmojiConf", model.CheckAuth, getEmojiConf)
+	ginServer.Handle("POST", "/api/system/setAPIToken", model.CheckAuth, model.CheckReadonly, setAPIToken)
 	ginServer.Handle("POST", "/api/system/setAccessAuthCode", model.CheckAuth, model.CheckReadonly, setAccessAuthCode)
 	ginServer.Handle("POST", "/api/system/setFollowSystemLockScreen", model.CheckAuth, model.CheckReadonly, setFollowSystemLockScreen)
 	ginServer.Handle("POST", "/api/system/setNetworkServe", model.CheckAuth, model.CheckReadonly, setNetworkServe)
diff --git a/kernel/api/system.go b/kernel/api/system.go
index 175d6018c..857ea4fe1 100644
--- a/kernel/api/system.go
+++ b/kernel/api/system.go
@@ -239,6 +239,20 @@ func setUILayout(c *gin.Context) {
 	model.Conf.Save()
 }
 
+func setAPIToken(c *gin.Context) {
+	ret := gulu.Ret.NewResult()
+	defer c.JSON(http.StatusOK, ret)
+
+	arg, ok := util.JsonArg(c, ret)
+	if !ok {
+		return
+	}
+
+	token := arg["token"].(string)
+	model.Conf.Api.Token = token
+	model.Conf.Save()
+}
+
 func setAccessAuthCode(c *gin.Context) {
 	ret := gulu.Ret.NewResult()
 	defer c.JSON(http.StatusOK, ret)