diff --git a/src/DigitalData.Auth.API/Controllers/AuthController.cs b/src/DigitalData.Auth.API/Controllers/AuthController.cs
index 05b597e..3c39a48 100644
--- a/src/DigitalData.Auth.API/Controllers/AuthController.cs
+++ b/src/DigitalData.Auth.API/Controllers/AuthController.cs
@@ -81,12 +81,12 @@ namespace DigitalData.Auth.API.Controllers
 }
 private async Task CreateTokenAsync(ConsumerApiLogin login, bool cookie = true)
- {
- if (!await _consumerApiService.VerifyAsync(login.Name, login.Password))
- return Unauthorized();
-
+ {
 var api = await _consumerApiService.ReadByNameAsync(login.Name);
+ if (api is null || api.Password != login.Password)
+ return Unauthorized();
+
 if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, _apiParams.DefaultConsumer.Audience, out var descriptor) || descriptor is null)
 return StatusCode(StatusCodes.Status500InternalServerError);
@@ -162,6 +162,20 @@ namespace DigitalData.Auth.API.Controllers
 }
 }
+ [HttpPost()]
+ public async Task CreateTokenViaBody([FromBody] ConsumerApiLogin login, [FromQuery] bool cookie = false)
+ {
+ try
+ {
+ return await CreateTokenAsync(login, cookie);
+ }
+ catch (Exception ex)
+ {
+ _logger.LogError(ex, "{Message}", ex.Message);
+ return StatusCode(StatusCodes.Status500InternalServerError);
+ }
+ }
+
 [HttpGet("check")]
 [Authorize]
 public IActionResult Check() => Ok();
diff --git a/src/DigitalData.Auth.API/Services/DIExtensions.cs b/src/DigitalData.Auth.API/Services/DIExtensions.cs
index 361133b..d9d08c8 100644
--- a/src/DigitalData.Auth.API/Services/DIExtensions.cs
+++ b/src/DigitalData.Auth.API/Services/DIExtensions.cs
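Review bot: In CreateTokenAsync (AuthController.cs, first hunk) the added check `api.Password != login.Password` uses ordinary string inequality, which is not constant-time, and it implies the stored value is the secret itself rather than a hash of it. Assuming both properties are strings, a fixed-time comparison removes the timing signal: `if (api is null || !CryptographicOperations.FixedTimeEquals(Encoding.UTF8.GetBytes(api.Password), Encoding.UTF8.GetBytes(login.Password))) return Unauthorized();`. Comparing fixed-length hashes of both sides would also stop the length from leaking, and a null `login.Password` needs a guard so it ends in 401 rather than an exception. The removed `VerifyAsync` call is not visible here, so confirm it did not provide hashing or lockout that this inline check now bypasses. The method body continues past the end of the hunk.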
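Review bot: CreateTokenViaBody (AuthController.cs, second hunk) puts the password check on a POST route that carries no `[Authorize]`, and nothing visible throttles repeated guesses or records a rejected login; `_logger` is reached only on exceptions. If no rate limiter is configured outside this hunk, an attribute such as `[EnableRateLimiting("login")]` on the action (policy name constructed here) would bound guessing. A `_logger.LogWarning("Token request rejected for consumer {Name}", login.Name);` before `return Unauthorized();` in CreateTokenAsync would give monitoring something to alert on. The `cookie` flag comes from the query string, so whatever cookie attributes CreateTokenAsync sets outside the hunk also apply to this route and should be confirmed.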
@@ -8,7 +8,7 @@ namespace DigitalData.Auth.API.Services
 {
 public static IServiceCollection AddConsumerApiServiceFromConfiguration(this IServiceCollection services, IConfiguration configuration, string key = "ConsumerAPIs")
 {
- var consumerApis = configuration.GetSection("ConsumerAPIs").Get>() ?? throw new InvalidOperationException($"No Consumer list found in {key} in configuration.");
+ var consumerApis = configuration.GetSection("ConsumerAPIs").Get>() ?? throw new InvalidOperationException($"No Consumer list found in {key} in configuration.");
 services.AddSingleton(Options.Create(consumerApis));
 services.AddSingleton();
 return services;
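Review bot: `configuration.GetSection("ConsumerAPIs")` on the new line ignores the `key` parameter, so a caller passing another section name still reads "ConsumerAPIs" while the exception message reports `{key}`; it should be `configuration.GetSection(key)`. As rendered here the removed and added lines look identical, so the real change is probably in the generic argument that the page dropped. Because the AuthController hunk compares `api.Password` directly, this section presumably holds consumer secrets in clear text. If so, a comment here should say they belong in user-secrets, environment variables or a vault-backed provider rather than a committed appsettings file. The method's closing brace lies outside the hunk.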