diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
index 89fdf067d..d433a841b 100644
--- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
+++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
@@ -9,8 +9,8 @@ import code.api.util.ExampleValue.{dynamicEntityRequestBodyExample, dynamicEntit
 import code.api.util.NewStyle.HttpCode
 import code.api.util._
 import code.api.v1_4_0.JSONFactory1_4_0.{ChallengeAnswerJSON, TransactionRequestAccountJsonV140}
+import code.api.v2_0_0.{EntitlementJSON, EntitlementJSONs, JSONFactory200}
 import code.api.v2_1_0._
-import code.api.v3_0_0.JSONFactory300
 import code.api.v3_1_0.ListResult
 import code.api.{APIFailureNewStyle, ChargePolicy}
 import code.dynamicEntity.DynamicEntityCommons
@@ -20,7 +20,6 @@ import code.transactionrequests.TransactionRequests.TransactionChallengeTypes._
 import code.transactionrequests.TransactionRequests.TransactionRequestTypes
 import code.transactionrequests.TransactionRequests.TransactionRequestTypes.{apply => _, _}
 import code.util.Helper
-import code.views.Views
 import com.github.dwickern.macros.NameOf.nameOf
 import com.openbankproject.commons.model._
 import com.openbankproject.commons.model.enums.DynamicEntityFieldType
@@ -36,6 +35,10 @@ import scala.collection.immutable.{List, Nil}
 import scala.collection.mutable.ArrayBuffer
 import scala.concurrent.ExecutionContext.Implicits.global
 import scala.concurrent.Future
+import code.api.v2_0_0.{EntitlementJSON, EntitlementJSONs, JSONFactory200}
+import code.api.v3_0_0.JSONFactory300
+import code.entitlement.Entitlement
+import code.views.Views
 
 trait APIMethods400 {
 self: RestHelper =>
@@ -992,7 +995,7 @@ trait APIMethods400 {
 apiInfoJson400,
 List(UnknownError, "no connector set"),
 Catalogs(Core, notPSD2, OBWG),
- apiTagApi :: Nil)
+ apiTagApi :: apiTagNewStyle :: Nil)
 lazy val root : OBPEndpoint = {
 case "root" :: Nil JsonGet _ => {
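Review bot: `import code.api.v2_0_0.{EntitlementJSON, EntitlementJSONs, JSONFactory200}` is added twice in this file, once in this hunk and again in the @@ -36 hunk; both name the same symbols so it presumably still compiles, but the second copy is dead text that trips unused-import warnings, so keep only the one in the sorted `code.api.*` group. The @@ -20 and @@ -36 hunks likewise remove `import code.views.Views` and `import code.api.v3_0_0.JSONFactory300` only to re-add them after the `scala.*` imports, which breaks the existing alphabetical grouping for no functional change; leaving them where they were shrinks the diff. `import code.entitlement.Entitlement` is the only other new name, and the endpoint added in the @@ -1044 hunk reaches entitlements through `NewStyle.function` rather than `Entitlement`, so confirm it is referenced somewhere else in the file before keeping it.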
@@ -1044,8 +1047,48 @@ trait APIMethods400 {
 }
 }
 }
-
-
+
+
+ resourceDocs += ResourceDoc(
+ getEntitlements,
+ implementedInApiVersion,
+ "getEntitlements",
+ "GET",
+ "/users/USER_ID/entitlements",
+ "Get Entitlements for User",
+ s"""
+ |
+ |${authenticationRequiredMessage(true)}
+ |
+ |
+ """.stripMargin,
+ emptyObjectJson,
+ entitlementJSONs,
+ List(UserNotLoggedIn, UserHasMissingRoles, UnknownError),
+ Catalogs(notCore, notPSD2, notOBWG),
+ List(apiTagRole, apiTagEntitlement, apiTagUser, apiTagNewStyle),
+ Some(List(canGetEntitlementsForAnyUserAtAnyBank)))
+
+
+ lazy val getEntitlements: OBPEndpoint = {
+ case "users" :: userId :: "entitlements" :: Nil JsonGet _ => {
+ cc =>
+ for {
+ (Full(u), callContext) <- authorizedAccess(cc)
+ _ <- NewStyle.function.hasEntitlement("", u.userId, canGetEntitlementsForAnyUserAtAnyBank, callContext)
+ entitlements <- NewStyle.function.getEntitlementsByUserId(userId, callContext)
+ } yield {
+ var json = EntitlementJSONs(Nil)
+ // Format the data as V2.0.0 json
+ if (isSuperAdmin(userId)) {
+ // If the user is SuperAdmin add it to the list
+ json = EntitlementJSONs(JSONFactory200.createEntitlementJSONs(entitlements).list:::List(EntitlementJSON("", "SuperAdmin", "")))
+ } else {
+ json = JSONFactory200.createEntitlementJSONs(entitlements)
+ }
+ (json, HttpCode.`200`(callContext))
+ }
+ }
+ }
 }
diff --git a/obp-api/src/main/scala/code/api/v4_0_0/OBPAPI4_0_0.scala b/obp-api/src/main/scala/code/api/v4_0_0/OBPAPI4_0_0.scala
index ccc7a99e9..daaf40cec 100644
--- a/obp-api/src/main/scala/code/api/v4_0_0/OBPAPI4_0_0.scala
+++ b/obp-api/src/main/scala/code/api/v4_0_0/OBPAPI4_0_0.scala
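Review bot: The `yield` block builds `json` through a `var` initialised to `EntitlementJSONs(Nil)` and then reassigned in both branches, where a single expression says the same thing without a placeholder state: `val base = JSONFactory200.createEntitlementJSONs(entitlements)` followed by `val json = if (isSuperAdmin(userId)) EntitlementJSONs(base.list :+ EntitlementJSON("", "SuperAdmin", "")) else base`. Note that the role check uses the caller (`u.userId`) while `isSuperAdmin` is applied to the path parameter (`userId`, the target user); this looks intended but deserves a one-line comment because the two identifiers are easy to confuse. The ResourceDoc description contains only the authentication line; it should state that the response is the v2.0.0 entitlement list for USER_ID and that a synthetic `SuperAdmin` entry with empty entitlement and bank ids is appended when the target user is a super admin. The error list has no user-not-found entry, so if `getEntitlementsByUserId` does not verify that the user exists, an unknown USER_ID presumably yields an empty list rather than an error — confirm and document whichever it is.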
@@ -161,7 +161,7 @@ object OBPAPI4_0_0 extends OBPRestHelper with APIMethods130 with APIMethods140 w
 //now in V300 Implementations2_0_0.getCoreAccountById ::
 //now in V300 Implementations2_0_0.getCoreTransactionsForBankAccount ::
 // Implementations2_0_0.getCurrentUser ::
- Implementations2_0_0.getEntitlements ::
+ // Implementations2_0_0.getEntitlements ::
 Implementations2_0_0.getKycChecks ::
 Implementations2_0_0.getKycDocuments ::
 Implementations2_0_0.getKycMedia ::
@@ -394,6 +394,7 @@ object OBPAPI4_0_0 extends OBPRestHelper with APIMethods130 with APIMethods140 w
 Implementations4_0_0.resetPasswordUrl ::
 Implementations4_0_0.root ::
 Implementations4_0_0.getCallContext ::
+ Implementations4_0_0.getEntitlements ::
 Nil
 
 def allResourceDocs = MockerConnector.doc ++
diff --git a/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala b/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
index bf0e115af..8167adf49 100644
--- a/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
+++ b/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
@@ -298,6 +298,12 @@ class ConsumerRegistration extends MdcLoggable {
 def showDummyCustomerTokens(): CssSel = {
 val consumerKeyBox = S.param("consumer_key")
+ // The following will check the login user and the user from the consumerkey. we do not want to share consumerkey to others.
+ val loginUserId = AuthUser.getCurrentUser.map(_.userId).openOr("")
+ val userCreatedByUserId = consumerKeyBox.map(Consumers.consumers.vend.getConsumerByConsumerKey(_)).flatten.map(_.createdByUserId.get).openOr("")
+ if(!loginUserId.equals(userCreatedByUserId))
+ return "#dummy-user-tokens ^" #> "The consumer key in the URL is not created by the current login user, please create consumer for this user first!"
+
 val dummyUsersInfo = getWebUiPropsValue("webui_dummy_user_logins", "")
 val isShowDummyUserTokens = getWebUiPropsValue("webui_show_dummy_user_tokens", "false").toBoolean
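Review bot: The old route is kept as a commented-out entry, `// Implementations2_0_0.getEntitlements ::`, which leaves dead text in the route list; the neighbouring lines record relocated endpoints as `//now in V300 Implementations2_0_0.getCoreAccountById ::`, so either follow that form with `//now in V400 Implementations2_0_0.getEntitlements ::` or delete the line. The @@ -394 hunk registers `Implementations4_0_0.getEntitlements ::` in its place, so the 4.0.0 route list still serves the path. Both route lists start and end outside these hunks.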
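Review bot: The ownership check in `showDummyCustomerTokens` compares two strings that both default to `""`, so an anonymous visitor (no current `AuthUser`) together with a missing or unknown `consumer_key`, or a consumer whose `createdByUserId` is empty, compares equal and passes the guard, and whatever follows in the method presumably goes on to render the tokens. The guard should require a logged-in user and a resolved consumer before comparing, as in the rewrite below, which also replaces `.map(...).flatten` with a `for` over the boxes. The early `return` is kept because the rest of the method is outside the hunk; the comment on the first added line should state the rule rather than restate the code, e.g. `// Dummy-user tokens are shown only to the logged-in user who created this consumer.`. `showDummyCustomerTokens` continues past the end of the hunk.
```scala
val consumerKeyBox = S.param("consumer_key")
// Dummy-user tokens are shown only to the logged-in user who created this consumer;
// an anonymous visitor or an unknown/ownerless consumer key must never compare equal.
val ownsConsumer = (for {
  loginUserId <- AuthUser.getCurrentUser.map(_.userId).filter(_.nonEmpty)
  consumerKey <- consumerKeyBox
  consumer    <- Consumers.consumers.vend.getConsumerByConsumerKey(consumerKey)
} yield loginUserId == consumer.createdByUserId.get).openOr(false)
if (!ownsConsumer)
  return "#dummy-user-tokens ^" #> "The consumer key in the URL is not created by the current login user, please create consumer for this user first!"
// … unchanged: dummy user info and webui flag lookup …
```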
diff --git a/obp-api/src/main/webapp/dummy-user-tokens.html b/obp-api/src/main/webapp/dummy-user-tokens.html
index 84b2987bd..c60338095 100644
--- a/obp-api/src/main/webapp/dummy-user-tokens.html
+++ b/obp-api/src/main/webapp/dummy-user-tokens.html
@@ -28,7 +28,7 @@ Berlin 13359, Germany -->
-

Dummy user direct login headers

+

Dummy User Direct Login Headers

Consumer User name
diff --git a/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala b/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala
new file mode 100644
index 000000000..95e7bff92
--- /dev/null
+++ b/obp-api/src/test/scala/code/api/v4_0_0/EntitlementTests.scala
@@ -0,0 +1,68 @@
+package code.api.v4_0_0
+
+import code.api.ErrorMessage
+import code.api.util.ApiRole.CanGetEntitlementsForAnyUserAtAnyBank
+import code.api.util.ErrorMessages.{UserHasMissingRoles, _}
+import code.api.util.{ApiRole, ApiVersion, ErrorMessages}
+import code.entitlement.Entitlement
+import code.setup.DefaultUsers
+import code.api.util.APIUtil.OAuth._
+import code.api.v4_0_0.APIMethods400.Implementations4_0_0
+import com.github.dwickern.macros.NameOf.nameOf
+import org.scalatest.Tag
+
+class EntitlementTests extends V400ServerSetup with DefaultUsers {
+
+ override def beforeAll() {
+ super.beforeAll()
+ }
+
+ override def afterAll() {
+ super.afterAll()
+ }
+
+ /**
+ * Test tags
+ * Example: To run tests with tag "getPermissions":
+ * mvn test -D tagsToInclude
+ *
+ * This is made possible by the scalatest maven plugin
+ */
+ object VersionOfApi extends Tag(ApiVersion.v4_0_0.toString)
+ object ApiEndpoint1 extends Tag(nameOf(Implementations4_0_0.getEntitlements))
+
+ feature("Assuring that endpoint getEntitlements works as expected - v4.0.0") {
+
+ scenario("We try to get entitlements without login - getEntitlements", ApiEndpoint1, VersionOfApi) {
+ When("We make the request")
+ val requestGet = (v4_0_0_Request / "users" / resourceUser1.userId / "entitlements").GET
+ val responseGet = makeGetRequest(requestGet)
+ Then("We should get a 400")
+ responseGet.code should equal(400)
+ And("We should get a message: " + ErrorMessages.UserNotLoggedIn)
+ responseGet.body.extract[ErrorMessage].message should equal (ErrorMessages.UserNotLoggedIn)
+ }
+
+ scenario("We try to get entitlements without credentials - getEntitlements", ApiEndpoint1, VersionOfApi) {
+ When("We make the request")
+ val requestGet = (v4_0_0_Request / "users" / resourceUser1.userId / "entitlements").GET <@ (user1)
+ val responseGet = makeGetRequest(requestGet)
+ Then("We should get a 40")
+ responseGet.code should equal(403)
+ And("We should get a message: " +
s"$CanGetEntitlementsForAnyUserAtAnyBank entitlement required")
+ responseGet.body.extract[ErrorMessage].message should equal (UserHasMissingRoles + CanGetEntitlementsForAnyUserAtAnyBank)
+ }
+
+ scenario("We try to get entitlements with credentials - getEntitlements", ApiEndpoint1, VersionOfApi) {
+ When("We add required entitlement")
+ Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, ApiRole.CanGetEntitlementsForAnyUserAtAnyBank.toString)
+ And("We make the request")
+ val requestGet = (v4_0_0_Request / "users" / resourceUser1.userId / "entitlements").GET <@ (user1)
+ val responseGet = makeGetRequest(requestGet)
+ Then("We should get a 200")
+ responseGet.code should equal(200)
+ }
+ }
+
+
+ }
\ No newline at end of file
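Review bot: `Then("We should get a 40")` in the second scenario mislabels the step; the assertion right after it checks for 403, so the step text should read `Then("We should get a 403")`. The third scenario asserts only the status code, so it would still pass if the endpoint returned an empty list; parse the body as `EntitlementJSONs` and assert that it contains the role just granted, and check the result of `addEntitlement` instead of discarding it. The `beforeAll`/`afterAll` overrides do nothing beyond calling `super`, so they can be dropped. The entitlement granted in the third scenario is never removed, so unless `V400ServerSetup` resets state between tests it presumably leaks into later scenarios — confirm and clean up if so.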