diff --git a/lib/authed-fetch.js b/lib/authed-fetch.js
index 4f242bd05..7fd369f3e 100644
--- a/lib/authed-fetch.js
+++ b/lib/authed-fetch.js
@@ -1,7 +1,12 @@
 const QueuedFetch = require("./caching-queued-fetch");
 const { queuedFetch } = QueuedFetch;
 
-const config = require("../config.json") || {};
+let config;
+try {
+  config = require("../config.json");
+} catch (e) {
+  config = {};
+}
 
 const authedFetch = (url) => {
   // this is the value used for the discourse API, and feels like a safe default in general
@@ -10,7 +15,7 @@ const authedFetch = (url) => {
   const headers =  {
     'User-Agent': 'W3C Group dashboard https://github.com/w3c/cg-monitor'
   };
-  if (u.href.startsWith("https://api.github.com/")) {
+  if (u.href.startsWith("https://api.github.com/") && config.ghapitoken) {
     headers['Authorization'] = 'token ' + config.ghapitoken;
     // Roughly matching github API rate limit of 5000 requests per hour
     interval = 750;