diff --git a/services/src/main/java/org/keycloak/services/resources/AccountService.java b/services/src/main/java/org/keycloak/services/resources/AccountService.java
index 3b3e3cfd80..5ba6cae103 100755
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@@ -70,6 +70,7 @@ import org.keycloak.util.UriUtils;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
+import javax.ws.rs.HttpMethod;
 import javax.ws.rs.OPTIONS;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
@@ -181,9 +182,11 @@ public class AccountService {
                 throw new ForbiddenException();
             }
 
-            String referrer = headers.getRequestHeaders().getFirst("Referer");
-            if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) {
-                throw new ForbiddenException();
+            if (!request.getHttpMethod().equals("GET")) {
+                String referrer = headers.getRequestHeaders().getFirst("Referer");
+                if (referrer != null && !requestOrigin.equals(UriUtils.getOrigin(referrer))) {
+                    throw new ForbiddenException();
+                }
             }
         }