diff --git a/ApplicationConfig/Providers/SessionInfo.php b/ApplicationConfig/Providers/SessionInfo.php
index b4d2e21ed..43b5e6c72 100644
--- a/ApplicationConfig/Providers/SessionInfo.php
+++ b/ApplicationConfig/Providers/SessionInfo.php
@@ -29,7 +29,7 @@ class SessionInfo implements Provider
 
     public function __construct(
         SessionInterface $session,
-        CsrfTokenManagerInterface $csrfTokenManager,
+        CsrfTokenManagerInterface $csrfTokenManager = null,
         $csrfTokenIntention,
         RouterInterface $router
     ) {
@@ -46,11 +46,14 @@ public function getConfig()
             $sessionInfo['isStarted'] = true;
             $sessionInfo['name'] = $this->session->getName();
             $sessionInfo['identifier'] = $this->session->getId();
-            $sessionInfo['csrfToken'] = $this->csrfTokenManager->getToken($this->csrfTokenIntention)->getValue();
             $sessionInfo['href'] = $this->generateUrl(
                 'ezpublish_rest_deleteSession',
                 ['sessionId' => $this->session->getId()]
             );
+
+            if ($this->csrfTokenManager instanceof CsrfTokenManagerInterface) {
+                $sessionInfo['csrfToken'] = $this->csrfTokenManager->getToken($this->csrfTokenIntention)->getValue();
+            }
         }
 
         return $sessionInfo;
diff --git a/Resources/config/services.yml b/Resources/config/services.yml
index 2db8eb3f6..db77787a9 100644
--- a/Resources/config/services.yml
+++ b/Resources/config/services.yml
@@ -60,7 +60,7 @@ services:
         class: %ezsystems.platformui.application_config.provider.session_info.class%
         arguments:
             - @session
-            - @security.csrf.token_manager
+            - @?security.csrf.token_manager
             - %ezpublish_rest.csrf_token_intention%
             - @router
         tags: