diff --git a/authenticator/middleware/sessionmanager.go b/authenticator/middleware/sessionmanager.go
index 3e0fdb653..58cea2054 100644
--- a/authenticator/middleware/sessionmanager.go
+++ b/authenticator/middleware/sessionmanager.go
@@ -47,6 +47,8 @@ const (
 	// ApiTokenClaimIssuer is the issuer who generated api-token for APIs
 	ApiTokenClaimIssuer = "apiTokenIssuer"
 
+	LicenseManagerClaimIssuer = "licenseManagerIssuer"
+
 	// invalidLoginError, for security purposes, doesn't say whether the username or password was invalid.  This does not mitigate the potential for timing attacks to determine which is which.
 	invalidLoginError         = "Invalid username or password"
 	blankPasswordError        = "Blank passwords are not allowed"
@@ -221,6 +223,8 @@ func (mgr *SessionManager) VerifyToken(tokenString string) (jwt.Claims, error) {
 		return mgr.Parse(tokenString)
 	case ApiTokenClaimIssuer:
 		return mgr.ParseApiToken(tokenString)
+	case LicenseManagerClaimIssuer:
+		return mgr.ParseApiToken(tokenString)
 	default:
 		// IDP signed token
 		prov, err := mgr.provider()