diff --git a/src/main/scala/code/api/OBPAPI1.1.scala b/src/main/scala/code/api/OBPAPI1.1.scala
index 224fc91cd..03342ec5c 100644
--- a/src/main/scala/code/api/OBPAPI1.1.scala
+++ b/src/main/scala/code/api/OBPAPI1.1.scala
@@ -135,7 +135,7 @@ object OBPAPI1_1 extends RestHelper with Loggable {
     Token.find(By(Token.key, tokenID.get)) match {
       case Full(token) => {
         logger.info("access token: "+ token + " found")
-        val user = User.findByApiId(token.userId.get)
+        val user = User.findByApiId(token.userForeignKey.get.toString)
         //just a log
         user match {
           case Full(u) => logger.info("user " + u.emailAddress + " was found from the oauth token")
diff --git a/src/main/scala/code/api/bankmock.scala b/src/main/scala/code/api/bankmock.scala
index 8dbc05290..f8db3d0f4 100644
--- a/src/main/scala/code/api/bankmock.scala
+++ b/src/main/scala/code/api/bankmock.scala
@@ -68,7 +68,7 @@ case class Verifier(
 )
 
 case class UserData(
-  id : String
+  id : Long
 )
 
 /**
@@ -152,7 +152,7 @@ object BankMockAPI extends RestHelper with Loggable {
                 requestToken(token) match {
                   case Full(tkn) =>{
                     //associate the token with the user
-                    tkn.userId(userData.id)
+                    tkn.userForeignKey(userData.id)
                     val verifier = tkn.gernerateVerifier
                     tkn.save
                     JsonResponse(Verifier(verifier), Nil, Nil, 200)
diff --git a/src/main/scala/code/api/oauth1.0.scala b/src/main/scala/code/api/oauth1.0.scala
index 9cbde33f8..0d19eb533 100644
--- a/src/main/scala/code/api/oauth1.0.scala
+++ b/src/main/scala/code/api/oauth1.0.scala
@@ -470,7 +470,7 @@ object OAuthHandshake extends RestHelper with Loggable {
       case _ => None
     }
     Token.find(By(Token.key, oAuthParameters.get("oauth_token").get)) match {
-      case Full(requestToken) => token.userId(requestToken.userId)
+      case Full(requestToken) => token.userForeignKey(requestToken.userForeignKey)
       case _ => None
     }
     token.key(tokenKey)
@@ -505,7 +505,7 @@ object OAuthHandshake extends RestHelper with Loggable {
       Token.find(By(Token.key, tokenID.get)) match {
         case Full(token) => {
           logger.info("access token: "+ token + " found")
-          val user = User.findByApiId(token.userId.get)
+          val user = token.user
           //just a log
           user match {
             case Full(u) => logger.info("user " + u.emailAddress + " was found from the oauth token")
diff --git a/src/main/scala/code/model/OAuth.scala b/src/main/scala/code/model/OAuth.scala
index 7a2102f90..7fa507e12 100644
--- a/src/main/scala/code/model/OAuth.scala
+++ b/src/main/scala/code/model/OAuth.scala
@@ -36,6 +36,7 @@ import net.liftweb.common.{Full,Failure,Box,Empty}
 import net.liftweb.util.Helpers
 import Helpers.now
 import code.model.dataAccess.Admin
+import code.model.dataAccess.APIUser
 
 object AppType extends Enumeration("web", "mobile"){
   type AppType = Value
@@ -140,7 +141,9 @@ class Token extends LongKeyedMapper[Token]{
   object id extends MappedLongIndex(this)
   object tokenType extends MappedEnum(this, TokenType)
   object consumerId extends MappedLongForeignKey(this, Consumer)
+  @deprecated //TODO: remove this once db upgrade scripts are done
   object userId extends MappedString(this,255)
+  object userForeignKey extends MappedLongForeignKey(this, APIUser)
   object key extends MappedString(this,250)
   object secret extends MappedString(this,250)
   object callbackURL extends MappedString(this,250)
@@ -148,7 +151,7 @@ class Token extends LongKeyedMapper[Token]{
   object duration extends MappedLong(this)//expressed in milliseconds
   object expirationDate extends MappedDateTime(this)
   object insertDate extends MappedDateTime(this)
-  def user = User.findByApiId(userId.get)
+  def user = userForeignKey.obj
   def isValid : Boolean = expirationDate.is after now
   def gernerateVerifier : String =
     if (verifier.isEmpty){
diff --git a/src/main/scala/code/snippet/OAuthAuthorisation.scala b/src/main/scala/code/snippet/OAuthAuthorisation.scala
index b035f14b5..f560f0a90 100644
--- a/src/main/scala/code/snippet/OAuthAuthorisation.scala
+++ b/src/main/scala/code/snippet/OAuthAuthorisation.scala
@@ -88,10 +88,9 @@ object OAuthAuthorisation {
                   //link the token with the concrete API User
                   obpUser.user.obj.map{
                     u  => {
-                      //Note: ApiUser.id is the database id from ApiUser, as opposed to ApiUser.id_, which returns the id assigned
-                      //to this user by its provider (i.e. not this api). We want ApiUser.id because it is unique, unlike the id given by a provider
+                      //We want ApiUser.id because it is unique, unlike the id given by a provider
                       // i.e. two different providers can have a user with id "bob"
-                      appToken.userId(u.id.get.toString)
+                      appToken.userForeignKey(u.id.get)
                     }
                   }
                   if (appToken.save())
diff --git a/src/test/scala/code/api/API121Test.scala b/src/test/scala/code/api/API121Test.scala
index aef9274aa..a4900ea71 100644
--- a/src/test/scala/code/api/API121Test.scala
+++ b/src/test/scala/code/api/API121Test.scala
@@ -121,7 +121,7 @@ class API1_2_1Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser1.apiId).
+    userForeignKey(obpuser1.id.toLong).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).
@@ -141,7 +141,7 @@ class API1_2_1Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser2.apiId).
+    userForeignKey(obpuser2.id.toLong).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).
@@ -161,7 +161,7 @@ class API1_2_1Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser3.apiId).
+    userForeignKey(obpuser3.id.toLong).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).
diff --git a/src/test/scala/code/api/API12Test.scala b/src/test/scala/code/api/API12Test.scala
index 89e888223..33bb5d3e8 100644
--- a/src/test/scala/code/api/API12Test.scala
+++ b/src/test/scala/code/api/API12Test.scala
@@ -120,7 +120,7 @@ class API1_2Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser1.apiId).
+    userForeignKey(obpuser1.id).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).
@@ -140,7 +140,7 @@ class API1_2Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser2.apiId).
+    userForeignKey(obpuser2.id).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).
@@ -160,7 +160,7 @@ class API1_2Test extends ServerSetup{
     OBPToken.create.
     tokenType(Access).
     consumerId(testConsumer.id).
-    userId(obpuser3.apiId).
+    userForeignKey(obpuser3.id).
     key(randomString(40).toLowerCase).
     secret(randomString(40).toLowerCase).
     duration(tokenDuration).