diff --git a/gluon/contrib/login_methods/janrain_account.py b/gluon/contrib/login_methods/janrain_account.py
index 02229ce8..1834b322 100644
--- a/gluon/contrib/login_methods/janrain_account.py
+++ b/gluon/contrib/login_methods/janrain_account.py
@@ -78,10 +78,13 @@ class RPXAccount(object):
 
     def get_user(self):
         request = self.request
-        if request.vars.token:
+        # Janrain now sends the token via both a POST body and the query
+        # string, so we should keep only one of these.
+        token = request.post_vars.token or request.get_vars.token
+        if token:
             user = Storage()
             data = urllib.urlencode(
-                dict(apiKey=self.api_key, token=request.vars.token))
+                dict(apiKey=self.api_key, token=token))
             auth_info_json = fetch(self.auth_url + '?' + data)
             auth_info = json.loads(auth_info_json)
 
diff --git a/gluon/contrib/login_methods/rpx_account.py b/gluon/contrib/login_methods/rpx_account.py
index 4d7cbf40..dcfdc114 100644
--- a/gluon/contrib/login_methods/rpx_account.py
+++ b/gluon/contrib/login_methods/rpx_account.py
@@ -78,10 +78,13 @@ class RPXAccount(object):
 
     def get_user(self):
         request = self.request
-        if request.vars.token:
+        # Janrain now sends the token via both a POST body and the query
+        # string, so we should keep only one of these.
+        token = request.post_vars.token or request.get_vars.token
+        if token:
             user = Storage()
             data = urllib.urlencode(
-                dict(apiKey=self.api_key, token=request.vars.token))
+                dict(apiKey=self.api_key, token=token))
             auth_info_json = fetch(self.auth_url + '?' + data)
             auth_info = json.loads(auth_info_json)