diff --git a/Dockerfile b/Dockerfile
index 990d3b3..d2a1df2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,7 @@
 FROM alpine
 
 ENV PSU_AUTHENTICATION_PASSWORD="" \
+  PSU_AUTH_TOKEN="" \
   PSU_AUTHENTICATION_USER="" \
   PSU_CONFIG="" \
   PSU_CONFIG_LIST_KEYS="" \
diff --git a/cmd/root.go b/cmd/root.go
index c1b7912..0e3411e 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -44,6 +44,7 @@ func init() {
 	rootCmd.PersistentFlags().StringP("url", "l", "", "Portainer url")
 	rootCmd.PersistentFlags().StringP("user", "u", "", "Portainer user")
 	rootCmd.PersistentFlags().StringP("password", "p", "", "Portainer password")
+	rootCmd.PersistentFlags().StringP("auth-token", "A", "", "Portainer auth token")
 	rootCmd.PersistentFlags().DurationP("timeout", "t", 0, "waiting time before aborting (like 100ms, 30s, 1h20m)")
 	viper.BindPFlag("config", rootCmd.PersistentFlags().Lookup("config"))
 	viper.BindPFlag("verbose", rootCmd.PersistentFlags().Lookup("verbose"))
@@ -53,6 +54,7 @@ func init() {
 	viper.BindPFlag("timeout", rootCmd.PersistentFlags().Lookup("timeout"))
 	viper.BindPFlag("user", rootCmd.PersistentFlags().Lookup("user"))
 	viper.BindPFlag("password", rootCmd.PersistentFlags().Lookup("password"))
+	viper.BindPFlag("auth-token", rootCmd.PersistentFlags().Lookup("auth-token"))
 }
 
 // initConfig reads in config file and ENV variables if set.
diff --git a/common/authentication.go b/common/authentication.go
index cc3fe7a..23cc6ab 100644
--- a/common/authentication.go
+++ b/common/authentication.go
@@ -13,10 +13,14 @@ var cachedAuthenticationToken string
 
 func GetAuthenticationToken() (string, error) {
 	if cachedAuthenticationToken == "" {
-		var authenticationTokenRetrievalErr error
-		cachedAuthenticationToken, authenticationTokenRetrievalErr = GetNewAuthenticationToken()
-		if authenticationTokenRetrievalErr != nil {
-			return "", authenticationTokenRetrievalErr
+		if viper.GetString("auth-token") != "" {
+			cachedAuthenticationToken = viper.GetString("auth-token")
+		} else {
+			var authenticationTokenRetrievalErr error
+			cachedAuthenticationToken, authenticationTokenRetrievalErr = GetNewAuthenticationToken()
+			if authenticationTokenRetrievalErr != nil {
+				return "", authenticationTokenRetrievalErr
+			}
 		}
 	}
 	return cachedAuthenticationToken, nil