diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb
index 2266fd567f..66127a141e 100644
--- a/app/controllers/api/auth_controller.rb
+++ b/app/controllers/api/auth_controller.rb
@@ -5,7 +5,7 @@ class AuthController < BaseController
 def show
 requester_type = fetch_and_validate_requester_type
 token_service = Environment.user_token_service
- auth_token = token_service.generate_token(User.current_user.userid, requester_type)
+ auth_token = token_service.generate_token(User.current_user, requester_type)
 token_info = token_service.token_mgr(requester_type).token_get_info(auth_token)
 res = {
 :auth_token => auth_token,
diff --git a/app/controllers/api/base_controller/authentication.rb b/app/controllers/api/base_controller/authentication.rb
index 9daa35cd6d..c5c6502719 100644
--- a/app/controllers/api/base_controller/authentication.rb
+++ b/app/controllers/api/base_controller/authentication.rb
@@ -86,8 +86,13 @@ def api_token_mgr
 Environment.user_token_service.token_mgr('api')
 end
 
- def auth_user(userid)
- auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes)
+ def auth_user(user_or_id)
+ if user_or_id.kind_of?(User)
+ auth_user_obj = user_or_id
+ else
+ auth_user_obj = User.lookup_by_identity(user_or_id, lookup_scope: :api_includes)
+ end
+
 authorize_user_group(auth_user_obj)
 validate_user_identity(auth_user_obj)
 User.current_user = auth_user_obj
@@ -155,7 +160,7 @@ def authenticate_with_jwt
 def basic_authentication(username, password)
 timeout = ::Settings.api.authentication_timeout.to_i_with_method
 user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes)
- auth_user(user.userid)
+ auth_user(user)
 rescue MiqException::MiqEVMLoginError => e
 raise AuthenticationError, e.message
 end
diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
index fb6dd1b389..eca720a10a 100644
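Review bot: In `auth_user` (app/controllers/api/base_controller/authentication.rb), the new `kind_of?(User)` branch takes the passed object as the authenticated identity and skips the `User.lookup_by_identity(..., lookup_scope: :api_includes)` re-read, but nothing on the method says which callers may hand it an object. Because the method goes on to assign `User.current_user`, I would state the contract above the `def`, for example `# user_or_id: a User returned by a successful authentication and loaded with :api_includes, or a userid String to look up`. The same type dispatch is added to `generate_token` in lib/services/api/user_token_service.rb. The method body continues past the end of the hunk.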
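Review bot: In `basic_authentication`, a nil result from `User.authenticate` no longer stops at `user.userid`; nil is not a `User`, so `auth_user(user)` sends it down the `else` branch into `User.lookup_by_identity(nil, ...)`, and what happens after that depends on code not shown here. `:require_user => true` presumably prevents a nil return, but that is not visible in this diff. If it can happen, an explicit guard before the call keeps the failure an authentication error, e.g. `raise AuthenticationError, "Authentication failed" unless user`.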
--- a/lib/services/api/user_token_service.rb
+++ b/lib/services/api/user_token_service.rb
@@ -23,9 +23,13 @@ def api_config
 @api_config ||= ::Settings[base_config[:module]].to_hash
 end
 
- def generate_token(userid, requester_type, token_ttl: nil)
- userid = userid.downcase
- validate_userid(userid)
+ def generate_token(user_or_id, requester_type, token_ttl: nil)
+ if user_or_id.kind_of?(User)
+ userid = user_or_id.userid.downcase
+ else
+ userid = user_or_id.downcase
+ validate_userid(userid)
+ end
 validate_requester_type(requester_type)
 
 # Additional Requester type token ttl's for authentication
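Review bot: `validate_userid` is now skipped whenever `generate_token` receives a `User` instance, so the token is issued for whatever `userid` that object carries. The body of `validate_userid` is not in this diff, but if it confirms that the account exists, an unsaved or since-deleted record would bypass that check. The one caller changed in this commit, `AuthController#show`, passes `User.current_user`, so the skip looks intentional; the assumption should be written above the branch, e.g. `# A User instance is trusted as already authenticated; only raw userid strings are validated`. Note also that `user_or_id.userid.downcase` raises NoMethodError when the object has no userid set. The method body continues past the end of the hunk.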