diff --git a/rhodecode/api/views/user_api.py b/rhodecode/api/views/user_api.py
--- a/rhodecode/api/views/user_api.py
+++ b/rhodecode/api/views/user_api.py
@@ -63,6 +63,7 @@ def get_user(request, apiuser, userid=Op
             "active": true,
             "admin": false,
             "api_keys": [ list of keys ],
+            "auth_tokens": [ list of tokens with details ],
             "email": "user@example.com",
             "emails": [
               "user@example.com"
diff --git a/rhodecode/model/db.py b/rhodecode/model/db.py
--- a/rhodecode/model/db.py
+++ b/rhodecode/model/db.py
@@ -915,6 +915,7 @@ class User(Base, BaseModel):
 
         extras = {
             'api_keys': [api_key_replacement],
+            'auth_tokens': [api_key_replacement],
             'active': user.active,
             'admin': user.admin,
             'extern_type': user.extern_type,
@@ -927,6 +928,7 @@ class User(Base, BaseModel):
 
         if include_secrets:
             data['api_keys'] = user.auth_tokens
+            data['auth_tokens'] = user.extra_auth_tokens
         return data
 
     def __json__(self):
@@ -985,6 +987,21 @@ class UserApiKeys(Base, BaseModel):
     def __unicode__(self):
         return u"<%s('%s')>" % (self.__class__.__name__, self.role)
 
+    def __json__(self):
+        data = {
+            'auth_token': self.api_key,
+            'role': self.role,
+            'scope': self.scope_humanized,
+            'expired': self.expired
+        }
+        return data
+
+    @property
+    def expired(self):
+        if self.expires == -1:
+            return False
+        return time.time() > self.expires
+
     @classmethod
     def _get_role_name(cls, role):
         return {
@@ -996,12 +1013,6 @@ class UserApiKeys(Base, BaseModel):
         }.get(role, role)
 
     @property
-    def expired(self):
-        if self.expires == -1:
-            return False
-        return time.time() > self.expires
-
-    @property
     def role_humanized(self):
         return self._get_role_name(self.role)