diff --git a/apps/account/admin/user.py b/apps/account/admin/user.py
index 9bfcdab..3b60484 100644
--- a/apps/account/admin/user.py
+++ b/apps/account/admin/user.py
@@ -95,6 +95,12 @@ class UserAdmin(BaseUserAdmin, ModelAdmin):
                 "classes": ["tab"],
             }
         ),
+        (
+            _('Authentication'), {
+                'fields': ('display_auth_token',),
+                "classes": ["tab"],
+            }
+        ),
         (
             _('Permissions'), {
                 'fields': ('user_type', 'is_active', 'is_staff', 'groups'),
@@ -116,7 +122,7 @@ class UserAdmin(BaseUserAdmin, ModelAdmin):
     radio_fields = {
         "gender": admin.HORIZONTAL,
     }
-    readonly_fields = ["last_login", "date_joined",]
+    readonly_fields = ["last_login", "date_joined", "display_auth_token"]
 
 
     @display(description=_("Date Joined"))
@@ -126,6 +132,18 @@ class UserAdmin(BaseUserAdmin, ModelAdmin):
     @display(description=_("Last Login"))
     def display_last_login(self, instance: User):
         return instance.last_login.strftime("%Y-%m-%d %H:%M") if instance.last_login else "-"
+        
+    @display(description=_("Authentication Token"))
+    def display_auth_token(self, instance: User):
+        from rest_framework.authtoken.models import Token
+        from django.utils.html import format_html
+        
+        try:
+            token, created = Token.objects.get_or_create(user=instance)
+            return format_html('<code style="word-break: break-all;">{}</code>', token.key)
+        except Exception as e:
+            return format_html('<span class="error">{}</span>', str(e))
+            
     def get_queryset(self, request):
         qs = super().get_queryset(request)
         return qs.filter(email__isnull=False)
@@ -134,6 +152,7 @@ class GuestUserAdmin(UserAdmin):
     list_display = (
         'device_id', 'device_os', 'is_active', 'display_date_joined',
     )
+    # Inherits fieldsets from UserAdmin, which now include the auth token
     
     def has_add_permission(self, request):
         if '_popup' in request.GET and request.GET['_popup'] == '1':  
@@ -172,6 +191,7 @@ class StudentUserAdmin(UserAdmin):
             'classes': ('collapse',),
         }),
     )
+    # Ensure the fieldsets from UserAdmin are used, which now include the auth token
 
 
     @display(description=_("Student"), header=True)
@@ -325,6 +345,7 @@ class ProfessorUserAdmin(UserAdmin):
     list_sections = [CourseTableSection]
 
     save_as = True
+    # Inherits fieldsets from UserAdmin, which now include the auth token
 
     @display(description=_("Professor"), header=True)
     def display_header(self, instance: StudentUser):