diff --git a/server/http_handler.go b/server/http_handler.go
index bc68394..7c4ae8c 100644
--- a/server/http_handler.go
+++ b/server/http_handler.go
@@ -153,6 +153,7 @@ func (h *houstonHandler) RegisterHandlers(serveMux *http.ServeMux, prefix string
 }
 
 var noauth = flagx.Bool("noauth", false, "")
+var authtype = flagx.String("auth", "on", "on|off|both")
 
 func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	defer func() {
@@ -169,7 +170,7 @@ func (h *houstonHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}()
 
 	var userinfo map[string]any
-	if !*noauth {
+	if !*noauth && (*authtype == "on" || *authtype == "both") {
 		authheader := r.Header.Get("Authorization")
 		if len(authheader) == 0 {
 			logger.Println("Authorization header is not valid :", authheader)