diff --git a/barbican/api/__init__.py b/barbican/api/__init__.py
index 32d9df84a..efe29fc32 100644
--- a/barbican/api/__init__.py
+++ b/barbican/api/__init__.py
@@ -17,6 +17,7 @@
 API handler for Cloudkeep's Barbican
 """
 import falcon
+from oslo.config import cfg
 from pkgutil import simplegeneric
 
 from barbican.common import exception
@@ -28,7 +29,14 @@ from barbican.openstack.common import policy
 
 
 LOG = utils.getLogger(__name__)
-MAX_BYTES_REQUEST_INPUT_ACCEPTED = 1000000
+MAX_BYTES_REQUEST_INPUT_ACCEPTED = 15000
+common_opts = [
+    cfg.IntOpt('max_allowed_request_size_in_bytes',
+               default=MAX_BYTES_REQUEST_INPUT_ACCEPTED),
+]
+
+CONF = cfg.CONF
+CONF.register_opts(common_opts)
 
 
 class ApiResource(object):
@@ -68,7 +76,7 @@ def load_body(req, resp=None, validator=None):
     :return: A dict of values from the JSON request.
     """
     try:
-        raw_json = req.stream.read(MAX_BYTES_REQUEST_INPUT_ACCEPTED)
+        raw_json = req.stream.read(CONF.max_allowed_request_size_in_bytes)
     except IOError:
         LOG.exception("Problem reading request JSON stream.")
         abort(falcon.HTTP_500, 'Read Error', req, resp)
diff --git a/etc/barbican/barbican-api.conf b/etc/barbican/barbican-api.conf
index f00b3995d..4d6821f49 100644
--- a/etc/barbican/barbican-api.conf
+++ b/etc/barbican/barbican-api.conf
@@ -27,6 +27,9 @@ backlog = 4096
 # Not supported on OS X.
 #tcp_keepidle = 600
 
+# Maximum allowed http request size against the barbican-api
+max_allowed_secret_in_bytes = 15000
+
 # SQLAlchemy connection string for the reference implementation
 # registry server. Any valid SQLAlchemy connection string is fine.
 # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine