diff --git a/pagure/api/project.py b/pagure/api/project.py
index 622a7f5..93a0bc4 100644
--- a/pagure/api/project.py
+++ b/pagure/api/project.py
@@ -2207,7 +2207,7 @@ def api_project_create_api_token(repo, namespace=None, username=None):
         raise pagure.exceptions.APIError(
             401, error_code=APIERROR.ENOTHIGHENOUGH)
 
-    authorized_acls = pagure_config.get("ACLS", {}).keys()
+    authorized_acls = pagure_config.get("USER_ACLS", [])
     form = pagure.forms.NewTokenForm(
         csrf_enabled=False, sacls=authorized_acls)
     if form.validate_on_submit():
@@ -2217,16 +2217,13 @@ def api_project_create_api_token(repo, namespace=None, username=None):
         raise pagure.exceptions.APIError(
             400, error_code=APIERROR.EINVALIDREQ, errors=form.errors)
 
-    pagure.lib.query.add_token_to_user(
+    token = pagure.lib.query.add_token_to_user(
         flask.g.session, project, acls, flask.g.fas_user.user,
         description)
-    token_id = pagure.lib.query.search_token(
-        flask.g.session, acls=None, user=flask.g.fas_user.user,
-        description=description)[0].id
     output = {
         'token': {
-            'description': description,
-            'id': token_id
+            'description': token.description,
+            'id': token.id
         }
     }
 
diff --git a/pagure/lib/query.py b/pagure/lib/query.py
index 9e84be3..d2ea05e 100644
--- a/pagure/lib/query.py
+++ b/pagure/lib/query.py
@@ -4176,7 +4176,7 @@ def add_token_to_user(session, project, acls, username, description=None):
 
     session.commit()
 
-    return "Token created"
+    return token
 
 
 def _convert_markdown(md_processor, text):
diff --git a/tests/test_pagure_flask_api_project.py b/tests/test_pagure_flask_api_project.py
index 97ab8ff..d4fd8fb 100644
--- a/tests/test_pagure_flask_api_project.py
+++ b/tests/test_pagure_flask_api_project.py
@@ -4161,16 +4161,14 @@ class PagureFlaskApiProjectCreateAPITokenTests(tests.Modeltests):
         self.session.commit()
 
         # Create modify_project token for foo user
-        pagure.lib.query.add_token_to_user(
+        token = pagure.lib.query.add_token_to_user(
             self.session,
             project=None,
             acls=['modify_project'],
             username='foo')
-        mtoken = pagure.lib.query.search_token(
-            self.session, ['modify_project'], user='foo')[0]
 
         # Call the connector with foo user token and verify content
-        headers = {'Authorization': 'token %s' % mtoken.id}
+        headers = {'Authorization': 'token %s' % token.id}
         tdescription = 'my new token'
 
         # Call the api with pingou user token and verify content