diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 163267ff52f..94bc57e7050 100755 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -1567,6 +1567,7 @@ KeyForApiAccess=Key to use API (parameter "api_key") ApiEndPointIs=You can access to the API at url ApiExporerIs=You can explore the API at url OnlyActiveElementsAreExposed=Only elements from enabled modules are exposed +ApiKey=Key for API ##### Bank ##### BankSetupModule=Bank module setup FreeLegalTextOnChequeReceipts=Free text on cheque receipts diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 42919207f21..a869097f629 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -9,6 +9,7 @@ * Copyright (C) 2012 Juanjo Menent * Copyright (C) 2013 Florian Henry * Copyright (C) 2013-2015 Alexandre Spangaro + * Copyright (C) 2015 Jean-François Ferry * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -82,6 +83,7 @@ if ($user->id <> $id && ! $canreaduser) accessforbidden(); $langs->load("users"); $langs->load("companies"); $langs->load("ldap"); +$langs->load("admin"); $object = new User($db); $extrafields = new ExtraFields($db); @@ -189,6 +191,7 @@ if ($action == 'add' && $canadduser) $object->lastname = GETPOST("lastname",'alpha'); $object->firstname = GETPOST("firstname",'alpha'); $object->login = GETPOST("login",'alpha'); + $object->api_key = GETPOST("api_key",'alpha'); $object->gender = GETPOST("gender",'alpha'); $object->admin = GETPOST("admin",'alpha'); $object->office_phone = GETPOST("office_phone",'alpha'); 
@@ -343,6 +346,7 @@ if ($action == 'update' && ! $_POST["cancel"]) $object->login = GETPOST("login",'alpha'); $object->gender = GETPOST("gender",'alpha'); $object->pass = GETPOST("password"); + $object->api_key = GETPOST("api_key"); $object->admin = empty($user->admin)?0:GETPOST("admin"); // A user can only be set admin by an admin $object->office_phone=GETPOST("office_phone",'alpha'); $object->office_fax = GETPOST("office_fax",'alpha'); @@ -820,49 +824,62 @@ if (($action == 'create') || ($action == 'adduserldap')) } } print ''; - - // Administrator - if (! empty($user->admin)) - { - print ''.$langs->trans("Administrator").''; + + if(! empty($conf->api->enabled)) { + // API key + $generated_api_key = ''; + require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; + $generated_password=getRandomPassword(false); + print ''.$langs->trans("ApiKey").''; print ''; - print $form->selectyesno('admin',GETPOST('admin'),1); + print ''; + if (! empty($conf->use_javascript_ajax)) + print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_api_key" class="linkobject"'); + print ''; - if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->multicompany->transverse_mode)) + // Administrator + if (! empty($user->admin)) { - if (! empty($conf->use_javascript_ajax)) + print ''.$langs->trans("Administrator").''; + print ''; + print $form->selectyesno('admin',GETPOST('admin'),1); + + if (! empty($conf->multicompany->enabled) && ! $user->entity && empty($conf->multicompany->transverse_mode)) { - print ''; + if (! empty($conf->use_javascript_ajax)) + { + print ''; + } + $checked=($_POST["superadmin"]?' checked':''); + $disabled=($_POST["superadmin"]?'':' disabled'); + print ' '.$langs->trans("SuperAdministrator"); } - $checked=($_POST["superadmin"]?' checked':''); - $disabled=($_POST["superadmin"]?'':' disabled'); - print ' '.$langs->trans("SuperAdministrator"); + print "\n"; } - print "\n"; } // Type 
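Review bot: `$object->api_key = GETPOST("api_key");` in the update branch runs for every submitter, while the edit form later in this diff (hunk at -1824) only renders the field when the API module is enabled and `$user->admin` is set. A non-admin saving a card they may edit posts no `api_key`, so the property is presumably emptied and the `update()` hunk in user.class.php then overwrites the stored key; a field the form never offered is also still accepted from the request. Guard the assignment the way the neighbouring `admin` line is guarded, e.g. `if (! empty($conf->api->enabled) && ! empty($user->admin)) $object->api_key = GETPOST("api_key",'alpha');`, which also restores the `'alpha'` filter that the add branch (hunk at -189) already applies. The enclosing `if ($action == 'update' ...)` block continues outside the hunk, so whether `$object` is fetched before this line is not visible here.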
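Review bot: As the braces read in the create-form hunk (-820), the whole `// Administrator` block now sits inside `if(! empty($conf->api->enabled)) {`, so with the API module disabled the create form loses the Administrator yes/no row. Close the API block right after the API-key row and leave `if (! empty($user->admin))` at its original nesting level. In the same block `$generated_api_key` is initialised to `''` while the random value goes into `$generated_password`, so one of the two names looks unintended, and the row is shown to anyone who reaches the create form whereas the view and edit hunks require `$user->admin`. It is also worth confirming that `getRandomPassword(false)` returns a value long enough for an API credential rather than a human-typed password.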
@@ -1254,7 +1271,16 @@ else print ""; } print ''."\n"; - + + // API key + if(! empty($conf->api->enabled) && $user->admin) { + print ''.$langs->trans("ApiKey").''; + print ''; + if (! empty($object->api_key)) + print $langs->trans("Hidden"); + print ''; + } + // Administrator print ''.$langs->trans("Administrator").''; if (! empty($conf->multicompany->enabled) && $object->admin && ! $object->entity) @@ -1824,6 +1850,16 @@ else } print $text; print "\n"; + + // API key + if(! empty($conf->api->enabled) && $user->admin) { + print ''.$langs->trans("ApiKey").''; + print ''; + print ''; + if (! empty($conf->use_javascript_ajax)) + print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_api_key" class="linkobject"'); + print ''; + } // Administrator print ''.$langs->trans("Administrator").''; @@ -2197,6 +2233,22 @@ else } } +if (! empty($conf->api->enabled) && ! empty($conf->use_javascript_ajax)) +{ + print "\n".''; +} llxFooter(); $db->close(); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index b55723d3735..f7b54739672 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -61,6 +61,7 @@ class User extends CommonObject var $user_mobile; var $admin; var $login; + var $api_key; var $entity; //! Clear password in memory @@ -162,7 +163,7 @@ class User extends CommonObject // Get user $sql = "SELECT u.rowid, u.lastname, u.firstname, u.gender, u.email, u.job, u.skype, u.signature, u.office_phone, u.office_fax, u.user_mobile,"; $sql.= " u.admin, u.login, u.note,"; - $sql.= " u.pass, u.pass_crypted, u.pass_temp,"; + $sql.= " u.pass, u.pass_crypted, u.pass_temp, u.api_key,"; $sql.= " u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid,"; $sql.= " u.statut, u.lang, u.entity,"; $sql.= " u.datec as datec,"; 
@@ -226,6 +227,7 @@ class User extends CommonObject $this->pass_indatabase_crypted = $obj->pass_crypted; $this->pass = $obj->pass; $this->pass_temp = $obj->pass_temp; + $this->api_key = $obj->api_key; $this->office_phone = $obj->office_phone; $this->office_fax = $obj->office_fax; $this->user_mobile = $obj->user_mobile; @@ -1143,6 +1145,7 @@ class User extends CommonObject $this->login = trim($this->login); $this->gender = trim($this->gender); $this->pass = trim($this->pass); + $this->api_key = trim($this->api_key); $this->office_phone = trim($this->office_phone); $this->office_fax = trim($this->office_fax); $this->user_mobile = trim($this->user_mobile); @@ -1174,6 +1177,7 @@ class User extends CommonObject $sql.= " lastname = '".$this->db->escape($this->lastname)."'"; $sql.= ", firstname = '".$this->db->escape($this->firstname)."'"; $sql.= ", login = '".$this->db->escape($this->login)."'"; + $sql.= ", api_key = '".$this->db->escape($this->api_key)."'"; $sql.= ", gender = ".($this->gender != -1 ? "'".$this->db->escape($this->gender)."'" : "null"); // 'man' or 'woman' $sql.= ", admin = ".$this->admin; $sql.= ", address = '".$this->db->escape($this->address)."'";
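Review bot: The added `", api_key = '".$this->db->escape($this->api_key)."'"` in the last hunk (-1174) always writes a string, so a user without a key ends up with `api_key = ''` rather than no value. If the API login looks the user up by the submitted `api_key` (not visible in this diff), an empty key would match every such row; writing null keeps those accounts out of the lookup, following the `gender` line just below: `$sql.= ", api_key = ".($this->api_key ? "'".$this->db->escape($this->api_key)."'" : "null");`. The key is also stored and fetched (hunk at -226) in clear text, so storing a hash and comparing against it, or at least a unique constraint on the column, is worth considering. `update()` starts and ends outside the hunk.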