diff --git a/lib/private/Authentication/Token/DefaultToken.php b/lib/private/Authentication/Token/DefaultToken.php
index 0c45c9efa56044434e5d4ec10a412399d2d05bdb..e938ff92e16dcbdc7d3eaaea77029e3994284379 100644
--- a/lib/private/Authentication/Token/DefaultToken.php
+++ b/lib/private/Authentication/Token/DefaultToken.php
@@ -151,6 +151,10 @@ class DefaultToken extends Entity implements IToken {
 	}
 
 	public function setScope($scope) {
-		return parent::setScope(json_encode($scope));
+		if (is_string($scope)) {
+			$this->scope = $scope;
+		} else {
+			return parent::setScope(json_encode($scope));
+		}
 	}
 }
diff --git a/lib/private/Authentication/Token/DefaultTokenMapper.php b/lib/private/Authentication/Token/DefaultTokenMapper.php
index e2a17ca0f914dc9b7291a01a297ba556ec03a1a0..bfcb54c66c077c004ba3862120b6a77bc4493f95 100644
--- a/lib/private/Authentication/Token/DefaultTokenMapper.php
+++ b/lib/private/Authentication/Token/DefaultTokenMapper.php
@@ -83,6 +83,7 @@ class DefaultTokenMapper extends Mapper {
 		if ($data === false) {
 			throw new DoesNotExistException('token does not exist');
 		}
+;
 		return DefaultToken::fromRow($data);
 	}
 
diff --git a/lib/private/Authentication/Token/IToken.php b/lib/private/Authentication/Token/IToken.php
index 3fa8ccbb078e62c0010061189e30024c258393fb..a6ba392907d959fd7355c0ac25e696a6a8785c9a 100644
--- a/lib/private/Authentication/Token/IToken.php
+++ b/lib/private/Authentication/Token/IToken.php
@@ -67,13 +67,25 @@ interface IToken extends JsonSerializable {
 	public function getLastCheck();
 
 	/**
-	 * Get the timestamp of the last password check
+	 * Set the timestamp of the last password check
 	 *
 	 * @param int $time
 	 */
 	public function setLastCheck($time);
 
+	/**
+	 * Get the authentication scope for this token
+	 *
+	 * If the scope is null no limitations exist for the token
+	 *
+	 * @return array|null
+	 */
 	public function getScope();
 
+	/**
+	 * Set the authentication scope for this token
+	 *
+	 * @param array|null $scope
+	 */
 	public function setScope($scope);
 }
diff --git a/settings/css/settings.css b/settings/css/settings.css
index 7d139a632d0afefad25c7a1523b54885fa85d736..debf69dbae2d91bf5beb2866009e6de0ca76e0ac 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -149,6 +149,12 @@ table.nostyle td { padding: 0.2em 0; }
 	padding: 10px 10px 10px 0;
 }
 
+#sessions .token-list td.icon,
+#apppasswords .token-list td.icon {
+	width: 16px;
+	padding: 10px;
+}
+
 #sessions .token-list td,
 #apppasswords .token-list td {
 	border-top: 1px solid #DDD;
@@ -162,8 +168,8 @@ table.nostyle td { padding: 0.2em 0; }
 #apppasswords tr *:nth-child(2) {
 	text-align: right;
 }
-#sessions .token-list td a.icon-delete,
-#apppasswords .token-list td a.icon-delete {
+#sessions .token-list td a.icon,
+#apppasswords .token-list td a.icon {
 	display: block;
 	opacity: 0.6;
 }
diff --git a/settings/js/authtoken_view.js b/settings/js/authtoken_view.js
index 6eb04b63f201b4a10a125ed5bf34c132d904106f..361b5dcc7a880e1b3ba407efd753d20d9b7f489c 100644
--- a/settings/js/authtoken_view.js
+++ b/settings/js/authtoken_view.js
@@ -29,11 +29,16 @@
 		'<tr data-id="{{id}}">'
 		+ '<td class="has-tooltip" title="{{title}}"><span class="token-name">{{name}}</span></td>'
 		+ '<td><span class="last-activity has-tooltip" title="{{lastActivityTime}}">{{lastActivity}}</span></td>'
+		+ '<td class="icon">'
+		+ '{{#if canScope}}'
+		+ '<a class="icon icon-settings has-tooltip" title="' + t('core', 'Configure') + '"></a>'
+		+ '{{/if}}'
+		+ '</td>'
+		+ '<td class="icon">'
 		+ '{{#if canDelete}}'
-		+ '<td><a class="icon-delete has-tooltip" title="' + t('core', 'Disconnect') + '"></a></td>'
-		+ '{{else}}'
-		+ '<td></td>'
+		+ '<a class="icon icon-delete has-tooltip" title="' + t('core', 'Disconnect') + '"></a>'
 		+ '{{/if}}'
+		+ '</td>'
 		+ '<tr>';
 
 	var SubView = OC.Backbone.View.extend({
@@ -78,7 +83,7 @@
 			this._toggleHeader(tokens.length > 0);
 
 			tokens.forEach(function (token) {
-				var viewData = this._formatViewData(token.toJSON());
+				var viewData = this._formatViewData(token);
 				var html = _this.template(viewData);
 				var $html = $(html);
 				$html.find('.has-tooltip').tooltip({container: 'body'});
@@ -94,10 +99,12 @@
 			this.$('.hidden-when-empty').toggleClass('hidden', !show);
 		},
 
-		_formatViewData: function (viewData) {
+		_formatViewData: function (token) {
+			var viewData = token.toJSON();
 			var ts = viewData.lastActivity * 1000;
 			viewData.lastActivity = OC.Util.relativeModifiedDate(ts);
 			viewData.lastActivityTime = OC.Util.formatDate(ts, 'LLL');
+			viewData.canScope = token.get('type') === '1';
 
 			// preserve title for cases where we format it further
 			viewData.title = viewData.name;
diff --git a/settings/templates/personal.php b/settings/templates/personal.php
index ea1c7ba6459b6372183bf9caf6a061ee0701eb09..c66a9d60d146cb20c4b0bbe38f7ef982622bceac 100644
--- a/settings/templates/personal.php
+++ b/settings/templates/personal.php
@@ -220,6 +220,7 @@ if($_['passwordChangeSupported']) {
 				<th><?php p($l->t('Name'));?></th>
 				<th><?php p($l->t('Last activity'));?></th>
 				<th></th>
+				<th></th>
 			</tr>
 		</thead>
 		<tbody class="token-list icon-loading">