diff --git a/test/API-loopback-token-searchDefaultTokenKeys.js b/test/API-loopback-token-searchDefaultTokenKeys.js
new file mode 100644
index 00000000..a4e8a603
--- /dev/null
+++ b/test/API-loopback-token-searchDefaultTokenKeys.js
@@ -0,0 +1,104 @@
+'use strict';
+var debug = require('debug')('AccessToken.test');
+var inspect = require('util').inspect;
+/*
+* API:Middleware:loopback.token(options)
+*/
+var S = {
+ REQUIRE:{
+ FILE: {
+ TEST: {
+ LOOPBACK: {
+ TOKEN: './TEST-loopback-token-searchDefaultTokenKeys',
+ }
+ }
+ }
+ }
+};
+var api = {
+ loopback: {
+ token: {
+ optionsUndefined: require(S.REQUIRE.FILE.TEST.LOOPBACK.TOKEN).api.loopback.token.optionsUndefined,
+ options:{
+ searchDefaultTokenKeys: require(S.REQUIRE.FILE.TEST.LOOPBACK.TOKEN).api.loopback.token.options.searchDefaultTokenKeys
+ }
+ }
+ }
+};
+
+describe('API:Middleware:loopback.token(options)', function() {
+ describe('options = {}', function() {
+ var itTxt;
+ var expect = 200;
+ var header = 'authorization';
+ var testOptions = {
+ expect: expect,
+ header: header,
+ };
+ // describe('A normal use case, where a well-known header is used with no other options needed');
+ itTxt = 'Test header=' + header + ' and expect ' + expect;
+ it(itTxt, function(done) {
+ testOptions['done'] = done;
+ api.loopback.token.optionsUndefined(testOptions);
+ });
+ });
+ describe('options.searchDefaultTokenKeys: [true|false]', function() {
+ var itTxt;
+ var expect = 200;
+ var searchDefaultTokenKeys = false;
+ var header = 'authorization';
+ var testOptions = {
+ expect: expect,
+ header: header,
+ };
+ var headers = ['header'];
+ var tokenOptions = {
+ searchDefaultTokenKeys: searchDefaultTokenKeys,
+ headers: headers,
+ };
+
+ // describe('The normal use case for searchDefaultTokenKeys')
+ itTxt = 'Test header=' + header + ' searchDefaultTokenKeys=' + searchDefaultTokenKeys + ' and expect ' + expect;
+ it(itTxt, function(done) {
+ testOptions['done'] = done;
+ api.loopback.token.options.searchDefaultTokenKeys(testOptions, tokenOptions);
+ });
+
+ // describe('Specific enabelment of searchDefaultTokenKeys')
+ searchDefaultTokenKeys = true;
+ headers = [];
+ itTxt = 'Test header=' + header + ' searchDefaultTokenKeys=' + searchDefaultTokenKeys + ' and expect ' + expect;
+ it(itTxt, function(done) {
+ testOptions['done'] = done;
+ testOptions['headers'] = headers;
+ api.loopback.token.options.searchDefaultTokenKeys(testOptions, tokenOptions);
+ });
+
+ // describe('A test case for regression')
+ searchDefaultTokenKeys = undefined;
+ headers = [];
+ itTxt = 'Test header=' + header + ' searchDefaultTokenKeys=' + searchDefaultTokenKeys + ' and expect ' + expect;
+ it(itTxt, function(done) {
+ testOptions['searchDefaultTokenKeys'] = undefined; //FIXME: is this a good way
+ testOptions['headers'] = headers;
+ testOptions['done'] = done;
+ api.loopback.token.options.searchDefaultTokenKeys(testOptions, tokenOptions);
+ });
+
+ /*
+ FIXME: TEST appGet try/catch does not support this test
+ // describe('A non-normal use case to check that default token headers are not used')
+ searchDefaultTokenKeys = false; // any defaults ...
+ headers = []; // ... are not concated, and the empty array for token areas ...
+ expect = 401; // ... gives the expected result.
+ itTxt = 'Test header='+ header +' searchDefaultTokenKeys='+ searchDefaultTokenKeys +' no headers and expect '+ expect;
+ it(itTxt, function(done) {
+ testOptions['done'] = done;
+ testOptions['searchDefaultTokenKeys'] = searchDefaultTokenKeys;
+ testOptions['expect'] = expect;
+ testOptions['headers'] = headers;
+ api.loopback.token.searchDefaultTokenKeys(testOptions, tokenOptions);
+ });
+ */
+ });
+});
diff --git a/test/TEST-loopback-token-searchDefaultTokenKeys.js b/test/TEST-loopback-token-searchDefaultTokenKeys.js
new file mode 100644
index 00000000..84b1bdde
--- /dev/null
+++ b/test/TEST-loopback-token-searchDefaultTokenKeys.js
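Review bot: The three `it` cases under `options.searchDefaultTokenKeys: [true|false]` all hand the same `tokenOptions` object to the helper, built once with `searchDefaultTokenKeys: false` and `headers: ['header']`. The later `searchDefaultTokenKeys = true`, `searchDefaultTokenKeys = undefined` and `headers = []` reassignments change only the locals (and run while the `describe` body executes, before any `it` callback), and the per-test writes go to `testOptions`, not `tokenOptions`. As written, the "enabled" and "regression" cases therefore never configure `loopback.token()` with the values their titles advertise. `['header']` also looks like it was meant to be `[header]`, since the token is sent in `authorization`. Build the options inside each case instead, e.g. `var tokenOptions = {searchDefaultTokenKeys: true, headers: []};` as the first line of the second `it` callback.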
@@ -0,0 +1,113 @@
+'use strict';
+
+var debug = require('debug')('AccessToken.app');
+var inspect = require('util').inspect;
+/*
+ TEST:Middleware:loopback.token.searchDefaultTokenKeys
+*/
+module.exports = {
+ api : {
+ loopback: {
+ token: {
+ optionsUndefined: optionsUndefined,
+ options: {
+ searchDefaultTokenKeys: searchDefaultTokenKeys,
+ }
+ }
+ }
+ }
+};
+
+var loopback = require('../');
+var tokenId; //FIXME: another way than this 'global'
+
+
+function optionsUndefined(testOptions) {
+ debug('optionsUndefined testOptions:\n' + inspect(testOptions) + '\n');
+ var tokenOptions = {};
+ var app = createTokenStartApp(testOptions, tokenOptions);
+}
+
+function searchDefaultTokenKeys(testOptions, tokenOptions) {
+ debug('optionsUndefined searchDefaultTokenKeys:\n' + inspect(testOptions) + '\n');
+ var app = createTokenStartApp(testOptions, tokenOptions);
+}
+
+function sendRequest(app, testOptions) {
+ debug('sendRequest testOptions.tokenId:\n' + inspect(testOptions.tokenId) + '\n');
+ request(app)
+ .get(testOptions.get)
+ .set(testOptions.header, testOptions.tokenId)
+ .expect(testOptions.expect)
+ .end(testOptions.done);
+}
+
+function createTokenStartApp(testOptions, tokenOptions) {
+ var extend = require('util')._extend;
+ var Token = loopback.AccessToken.extend('MyToken');
+ var tokenDataSource = loopback.createDataSource({connector: loopback.Memory});
+ var tokenCreate = {userId: '123'};
+ var done = testOptions.done;
+ testOptions['get'] = '/';
+
+ Token.attachTo(tokenDataSource);
+ tokenOptions['model'] = Token;
+ tokenOptions['currentUserLiteral'] = 'me';
+
+ Token.create(tokenCreate, function(err, token) {
+ if (err) return done(err);
+ testOptions['tokenId'] = token.id;
+ var app = startApp(testOptions, tokenOptions);
+ sendRequest(app, testOptions);
+ });
+}
+
+function attachAndReturnModel() {
+ var ACL = loopback.ACL;
+ var acl = {
+ principalType: 'ROLE',
+ principalId: '$everyone',
+ accessType: ACL.ALL,
+ permission: ACL.DENY,
+ property: '*'
+ };
+ var modelOptions = {acls: [acl]};
+ var TestModel = loopback.PersistedModel.extend('test', {}, modelOptions);
+ TestModel.attachTo(loopback.memory());
+ return TestModel;
+}
+
+// FIXME: try/catch does not support searchDefaultTokenKeys = false and headers = []
+function appGet(req, res) {
+ debug('appeget req:\n' + inspect(req) + '\n' );
+ debug('appeget res:\n' + inspect(res) + '\n' );
+/*
+ debug('appGet req.headers:\n' + inspect(req.headers) + '\n');
+ debug('appGet req.accessToken:\n' + inspect(req.accessToken) + '\n');
+ debug('appGet tokenId:\n' + tokenId + '\n');
+ */
+ var send = '200';
+ try {
+ assert(req.accessToken, 'req should have accessToken');
+ assert(req.accessToken.id === tokenId); //FIXME: another way than this 'global'
+ // FIXME: ok the req HAS accessToken.id but this is not a good test
+
+ } catch (error) {
+ debug('app.get error:\n' + error + '\n');
+ send = '401';
+ }
+ debug('app.get send:\n' + send + '\n');
+ res.send(send);
+}
+
+function startApp(testOptions, tokenOptions) {
+ var get = testOptions.get;
+ var app = loopback();
+ var TestModel = attachAndReturnModel();
+ app.model(TestModel);
+ app.use(loopback.token(tokenOptions)); // The subject of all this work
+ app.get(get, appGet);
+ app.use(loopback.rest());
+ app.enableAuth();
+ return app;
+}
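Review bot: `appGet` cannot make any of these cases fail, because `res.send('401')` sends the string as the response body and leaves the status at 200. `.expect(testOptions.expect)` with 200 therefore passes whether or not the middleware resolved the token. The assertions also appear to throw on every request: module-level `tokenId` is never assigned (`createTokenStartApp` only sets `testOptions['tokenId']`), and `assert` and `request` are not required in this file, so they would have to come from globals defined elsewhere. Put the outcome in the status line with `res.status(Number(send)).send(send);`, and add `tokenId = token.id;` beside `testOptions['tokenId'] = token.id;`. With that in place the commented-out 401 case in the API file could be enabled; it is the only case that checks a token in a default location is ignored when `searchDefaultTokenKeys` is false.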