diff --git a/drone.go b/drone.go
index a97fd6531..d021cea4a 100644
--- a/drone.go
+++ b/drone.go
@@ -39,13 +39,14 @@ func main() {
 	user := api.Group("/user")
 	{
 		user.Use(server.MustUser())
+		user.Use(server.SetSession(session))
 
 		user.GET("", server.GetUserCurr)
 		user.PUT("", server.PutUserCurr)
 		user.GET("/repos", server.GetUserRepos)
 		user.GET("/tokens", server.GetUserTokens)
 		user.POST("/tokens", server.PostToken)
-		user.DELETE("/tokens", server.DelToken)
+		user.DELETE("/tokens/:label", server.DelToken)
 	}
 
 	users := api.Group("/users")
diff --git a/server/static/index.html b/server/static/index.html
index 6aad5f817..3cd12b6a8 100644
--- a/server/static/index.html
+++ b/server/static/index.html
@@ -30,6 +30,7 @@
 		<script src="/static/scripts/services/tasks.js"></script>
 		<script src="/static/scripts/services/users.js"></script>
 		<script src="/static/scripts/services/logs.js"></script>
+		<script src="/static/scripts/services/tokens.js"></script>
 
 		<script src="/static/scripts/filters/filter.js"></script>
 		<script src="/static/scripts/filters/gravatar.js"></script>
diff --git a/server/static/scripts/controllers/users.js b/server/static/scripts/controllers/users.js
index 0b5ba8c4f..fc9407307 100644
--- a/server/static/scripts/controllers/users.js
+++ b/server/static/scripts/controllers/users.js
@@ -3,12 +3,32 @@
 	/**
 	 * UserCtrl is responsible for managing user settings.
 	 */	
-	function UserCtrl($scope, users) {
+	function UserCtrl($scope, users, tokens) {
 
 		// Gets the currently authenticated user 
 		users.getCurrent().then(function(payload){
 			$scope.user = payload.data;
 		});
+
+		// Gets the user tokens
+		tokens.list().then(function(payload){
+			$scope.tokens = payload.data;
+		});
+
+		$scope.newToken={Label: ""};
+		$scope.createToken = function(newToken) {
+			tokens.post(newToken).then(function(payload) {
+				$scope.tokens.push(payload.data);
+				$scope.newToken={Label: ""};
+			});
+		}
+
+		$scope.revokeToken = function(token) {
+			tokens.delete(token).then(function() {
+				var index = $scope.tokens.indexOf(token);
+				$scope.tokens.splice(index, 1);
+			});
+		}
 	}
 
 	/**
@@ -40,9 +60,8 @@
 
 		$scope.remove = function(user) {
 			users.delete(user).then(function(){
-				users.list().then(function(payload){
-					$scope.users = payload.data;
-				});
+				var index = $scope.users.indexOf(user);
+				$scope.users.splice(index, 1);
 			});
 		}
 	}
diff --git a/server/static/scripts/services/tokens.js b/server/static/scripts/services/tokens.js
new file mode 100644
index 000000000..c71a7b061
--- /dev/null
+++ b/server/static/scripts/services/tokens.js
@@ -0,0 +1,40 @@
+'use strict';
+
+(function () {
+
+	/**
+	 * The TokenService provides access to user token
+	 * data using REST API calls.
+	 */
+	function TokenService($http, $window) {
+
+		/**
+		 * Gets a list of all repositories.
+		 */
+		this.list = function() {
+			return $http.get('/api/user/tokens');
+		};
+
+		/**
+		 * Creates a new token.
+		 *
+		 * @param {object} JSON representation of a repository.
+		 */
+		this.post = function(token) {
+			return $http.post('/api/user/tokens', token);
+		};
+
+		/**
+		 * Deletes a repository.
+		 *
+		 * @param {string} Name of the repository.
+		 */
+		this.delete = function(token) {
+			return $http.delete('/api/user/tokens/' + token.label);
+		};
+	}
+
+	angular
+		.module('drone')
+		.service('tokens', TokenService);
+})();
\ No newline at end of file
diff --git a/server/static/scripts/views/user.html b/server/static/scripts/views/user.html
index 2123b25a6..5f7e5c5ab 100644
--- a/server/static/scripts/views/user.html
+++ b/server/static/scripts/views/user.html
@@ -23,4 +23,35 @@
 
 	<dt>Gravatar</dt>
 	<dd><img ng-src="{{ user.gravatar_id | gravatar }}"</dd>
-</dl>
\ No newline at end of file
+</dl>
+
+
+<form>
+	<input type="label" ng-model="newToken.label" />
+	<button ng-click="createToken(newToken)">Create</button>
+</form>
+
+<div class="alert" ng-if="tokens && tokens.length === 0">No Personal Tokens Exist</div>
+
+<table ng-if="tokens && tokens.length !== 0">
+	<thead>
+		<tr>
+			<th>Label</th>
+			<th>Issued</th>
+			<th></th>
+		</tr>
+	</thead>
+	<tbody>
+		<tr ng-repeat-start="token in tokens">
+			<td>{{ token.label }}</td>
+			<td>{{ token.issued_at | fromNow }}</td>
+			<td><button ng-click="revokeToken(token)">delete</button></td>
+		</tr>
+		<tr ng-repeat-end ng-if="token.hash">
+			<td colspan="3">
+				<span>Make sure to copy your new personal access token now. You won't be able to see it again!</span>
+				<pre style="white-space: pre-line;overflow-wrap: break-word;">{{ token.hash }}</pre>
+			</td>
+		</tr>
+	</tbody>
+</table>
\ No newline at end of file
diff --git a/server/token.go b/server/token.go
index 33cfae5e8..aea9c617b 100644
--- a/server/token.go
+++ b/server/token.go
@@ -1,6 +1,8 @@
 package server
 
 import (
+	"time"
+
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
 
@@ -24,6 +26,7 @@ func PostToken(c *gin.Context) {
 	token.Scopes = in.Scopes
 	token.Login = user.Login
 	token.Kind = common.TokenUser
+	token.Issued = time.Now().UTC().Unix()
 
 	err := store.InsertToken(token)
 	if err != nil {
@@ -34,10 +37,13 @@ func PostToken(c *gin.Context) {
 	if err != nil {
 		c.Fail(400, err)
 	}
-	c.String(200, jwt)
+	c.JSON(200, struct {
+		*common.Token
+		Hash string `json:"hash"`
+	}{token, jwt})
 }
 
-// DELETE /api/user/tokens
+// DELETE /api/user/tokens/:label
 func DelToken(c *gin.Context) {
 	store := ToDatastore(c)
 	user := ToUser(c)
diff --git a/server/user.go b/server/user.go
index 1888b4811..195dc9c98 100644
--- a/server/user.go
+++ b/server/user.go
@@ -65,12 +65,12 @@ func GetUserRepos(c *gin.Context) {
 //     GET /api/user/tokens
 //
 func GetUserTokens(c *gin.Context) {
-	// ds := ToDatastore(c)
-	// me := ToUser(c)
-	// tokens, err := ds.GetUserTokens(me.Login)
-	// if err != nil {
-	// 	c.Fail(400, err)
-	// } else {
-	// 	c.JSON(200, &repos)
-	// }
+	ds := ToDatastore(c)
+	me := ToUser(c)
+	tokens, err := ds.GetUserTokens(me.Login)
+	if err != nil {
+		c.Fail(400, err)
+	} else {
+		c.JSON(200, &tokens)
+	}
 }