diff --git a/lemonldap-ng-common/lemonldap-ng.ini b/lemonldap-ng-common/lemonldap-ng.ini
index d57e73000..29b55da08 100644
--- a/lemonldap-ng-common/lemonldap-ng.ini
+++ b/lemonldap-ng-common/lemonldap-ng.ini
@@ -302,6 +302,10 @@ languages = en, fr, vi, it, ar, de, fi
 ; Read Lemonldap::NG::Portal::Main::Plugin(3pm) man page.
 ;customPlugins = My::Package1, My::Package2
+; To avoid bad/expired OTT if authssl and auth are served by different Load Balancers
+; you can override OTT configuration to store Upgrade OTT into global storage
+;forceGlobalStorageUpgradeOTT = 1
+
 [handler]
 ; Handler cache configuration
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm
index c2c7af427..538341613 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OneTimeToken.pm
@@ -5,7 +5,7 @@ use Mouse;
 use JSON qw(from_json to_json);
 use Crypt::URandom;
-our $VERSION = '2.0.5';
+our $VERSION = '2.0.6';
 extends 'Lemonldap::NG::Common::Module';
@@ -34,7 +34,7 @@ has cache => (
 }
 else {
 $_[0]->{p}->logger->error(
-'Local storage not defined, token will be store in global storage'
+'Local storage not defined, token will be stored into global storage'
 );
 return undef;
 }
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm
index 91ad9416f..315d915e4 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm
@@ -8,7 +8,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
 PE_TOKENEXPIRED
 );
-our $VERSION = '2.0.3';
+our $VERSION = '2.0.6';
 extends 'Lemonldap::NG::Portal::Main::Plugin';
@@ -27,6 +27,10 @@ has ott => (
 sub init {
 my ($self) = @_;
+ if ( $self->conf->{forceGlobalStorageUpgradeOTT} ) {
+ $self->logger->debug("Upgrade token will be stored into global storage");
+ $self->ott->cache(undef);
+ }
 $self->addAuthRoute( upgradesession => 'ask', ['GET'] );
 $self->addAuthRoute( upgradesession => 'confirm', ['POST'] );
 }
diff --git a/lemonldap-ng-portal/t/62-UpgradeSession.t b/lemonldap-ng-portal/t/62-UpgradeSession.t
index bdb0d5a18..33a9afbbb 100644
--- a/lemonldap-ng-portal/t/62-UpgradeSession.t
+++ b/lemonldap-ng-portal/t/62-UpgradeSession.t
@@ -11,12 +11,13 @@ count(1);
 my $client = LLNG::Manager::Test->new( {
 ini => {
- logLevel => 'error',
- upgradeSession => 1,
- authentication => 'Choice',
- apacheAuthnLevel => 5,
- userDB => 'Same',
- 'authChoiceModules' => {
+ logLevel => 'error',
+ upgradeSession => 1,
+ authentication => 'Choice',
+ apacheAuthnLevel => 5,
+ forceGlobalStorageUpgradeOTT => 1,
+ userDB => 'Same',
+ 'authChoiceModules' => {
 'strong' => 'Apache;Demo;Null;;;{}',
 'weak' => 'Demo;Demo;Null;;;{}'
 },
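Review bot: In `init`, `$self->ott->cache(undef)` moves the upgrade token to global storage by overwriting the token object's cache attribute, which relies on two things the code does not state: that an undefined cache means "use global storage" (the OneTimeToken builder in this commit returns `undef` for that case), and that `ott` is private to this plugin. The `has ott` declaration starts before the hunk, so if that object is shared with other token users their tokens would be redirected too; this needs confirming. A comment above the call, for example `# undef cache: OneTimeToken falls back to the global session storage`, would record the contract. Because the token then lives in the session backend shared by every portal node, it is also worth confirming that expiry and single-use deletion are enforced there as strictly as for the local cache. The switch is logged only at debug level, so an operator running at `error` gets no trace that storage was overridden.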
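Review bot: Adding `forceGlobalStorageUpgradeOTT => 1` to the only client configuration visible in this hunk means the scenario now runs with the override on. As far as the hunk shows, the default path, where the upgrade token stays in the local cache, is no longer exercised by this file. Keeping the original `ini` and adding a second `LLNG::Manager::Test->new` with the flag set, or running the same requests for both values, would catch a regression in either storage mode. The rest of the test body lies outside the hunk, so any existing coverage elsewhere in the file is not visible here.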