diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php
index f885677225e..37b7b079716 100644
--- a/htdocs/api/class/api_access.class.php
+++ b/htdocs/api/class/api_access.class.php
@@ -142,12 +142,28 @@ class DolibarrApiAccess implements iAuthenticate
 if (!$login) {
 throw new RestException(503, 'Error when searching login user from api key');
 }
+
+ $genericmessageerroruser = 'Error user not valid (not found or bad status or bad validity dates) (conf->entity='.$conf->entity.')';
+
 $fuser = new User($this->db);
 $result = $fuser->fetch('', $login, '', 0, (empty($userentity) ? -1 : $conf->entity)); // If user is not entity 0, we search in working entity $conf->entity (that may have been forced to a different value than user entity)
 if ($result <= 0) {
- throw new RestException(503, 'Error when fetching user :'.$fuser->error.' (conf->entity='.$conf->entity.')');
+ throw new RestException(503, $genericmessageerroruser);
 }
 
+ $now = dol_now();
+
+ // Check date start validity
+ if ($fuser->datestartvalidity && $this->db->jdate($fuser->datestartvalidity) > $now) {
+ throw new RestException(503, $genericmessageerroruser);
+ }
+ // Check date end validity
+ if ($fuser->dateendvalidity && $this->db->jdate($fuser->dateendvalidity) < dol_get_first_hour($now)) {
+ throw new RestException(503, $genericmessageerroruser);
+ }
+
+
+ // User seems valid
 $fuser->getrights();
 
 // Set the property $user to the $user of API
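Review bot: The new generic message names "bad status", yet nothing in this hunk tests the account's status: between the `fetch()` result check and `$fuser->getrights()` only the two validity dates are compared, so an API key belonging to a disabled user would still authenticate unless a status test exists outside the visible lines. If none does, add one before `// User seems valid`, e.g. `if ($fuser->statut != $fuser::STATUS_ENABLED) { throw new RestException(503, $genericmessageerroruser); }`. The single client-facing message also drops `$fuser->error` entirely; recording the specific rejection reason server-side (for instance with `dol_syslog`) before each throw would keep rejected-key attempts diagnosable and visible to monitoring without telling the caller which check failed. The enclosing method starts and ends outside the hunk.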