diff --git a/api/decorators.py b/api/decorators.py
index 411e314..4073fbd 100644
--- a/api/decorators.py
+++ b/api/decorators.py
@@ -2,7 +2,7 @@ from collections.abc import Callable
 from functools import wraps
 
 from django.http import JsonResponse
-
+from core.models import Config
 
 def identity_required(function):
     """
@@ -35,6 +35,9 @@ def scope_required(scope: str, requires_identity=True):
                     # They're just logged in via cookie - give full access
                     pass
                 else:
+                    if Config.system.public_timeline and scope == "read:statuses":
+                        return function(request, *args, **kwargs)
+
                     return JsonResponse(
                         {"error": "identity_token_required"}, status=401
                     )