diff --git a/app/views/organisation_users/admin_index.html.erb b/app/views/organisation_users/admin_index.html.erb
index da08365..1418cf9 100644
--- a/app/views/organisation_users/admin_index.html.erb
+++ b/app/views/organisation_users/admin_index.html.erb
@@ -1,55 +1,64 @@
 <%= stylesheet_link_tag "admin" %>
 
 <h1>
-	<%= t('org_admin.users_list') %>
+    <%= t('org_admin.users_list') %>
 </h1>
 
 <%= raw t('org_admin.user_text_html')%>
 <% @user_roles = current_user.organisation.user_org_roles %>
-<% @user_roles = @user_roles.uniq_by {|u| u.user_id } %>  	
-  	<table id="dmp_table" class="dmp_table tablesorter">
-	  <thead>
-	    <tr>
-	      	<th class="dmp_th_big"><%= t('org_admin.user_full_name') %></th>
-	      	<th class="dmp_th_medium"><%= t('org_admin.user_name') %></th>
-	      	<th class="dmp_th_small"><%= t('org_admin.last_logged_in') %></th>
-			<th class="dmp_th_small"><%= t('org_admin.how_many_plans') %></th>
-			<th class="dmp_th_small"><%= t('org_admin.api_privleges') %></th>
-	      
-	    </tr>
-	  </thead>
-	  <tbody>
-	  	<% @user_roles.each do |user_id| %>
-	  		<% if !user_id.user.nil? then%>
-		      <tr>
-		        <td class="dmp_td_big">
-		        	<% if !user_id.user.name.nil? then%>
-		        		<%= user_id.user.name %>
-		        	<%end%>	
-		        </td>
-		        <td class="dmp_td_medium">
-		        	<%= user_id.user.email %>
-		        </td>
-		        <td class="dmp_td_small">
-		        	<% if !user_id.user.last_sign_in_at.nil? then%>
-		        	<%= l user_id.user.last_sign_in_at.to_date, :formats => :short %>
-					<%end%>
-		        </td>
-		        <td class="dmp_td_small">
-		        	<% if !user_id.user.project_groups.nil? then%>
-		        	<%= user_id.user.project_groups.count %>
-		        	<%end%>
-		        </td>
-		        <td class="dmp_td_small">
-		        	#if the organisation has any api permissions
-		        	#show tickboxes which allow for users to have api_tokens
-		        	# if the user has an api_token, the tickbox is shown as ticked
-		        	# upon hitting save, 
-		        		# any user which previously had an apitoken, but no longer has a check, looses their token
-		        		# any user which perviously had no apitoken, and now has a check, gains a token, and gets sent an email
-		        </td>
-		      </tr>
-	      	<%end%>
-	    <% end %>
-	  </tbody>
-	</table>
+<% @user_roles = @user_roles.uniq_by {|u| u.user_id } %>
+    <table id="dmp_table" class="dmp_table tablesorter">
+      <thead>
+        <tr>
+            <th class="dmp_th_big"><%= t('org_admin.user_full_name') %></th>
+            <th class="dmp_th_medium"><%= t('org_admin.user_name') %></th>
+            <th class="dmp_th_small"><%= t('org_admin.last_logged_in') %></th>
+            <th class="dmp_th_small"><%= t('org_admin.how_many_plans') %></th>
+            <% if current_user.organisation.token_permission_types.count > 0 %>
+            <th class="dmp_th_small"><%= t('org_admin.api_privleges') %></th>
+            <% end %>
+        </tr>
+      </thead>
+      <% form_tag admin_index_organisation_users_path, method: :put do %>
+      <tbody>
+        <% @user_roles.each do |user_id| %>
+            <% if !user_id.user.nil? then%>
+              <tr>
+                <td class="dmp_td_big">
+                    <% if !user_id.user.name.nil? then%>
+                        <%= user_id.user.name %>
+                    <% end %>
+                </td>
+                <td class="dmp_td_medium">
+                    <%= user_id.user.email %>
+                </td>
+                <td class="dmp_td_small">
+                    <% if !user_id.user.last_sign_in_at.nil? then%>
+                    <%= l user_id.user.last_sign_in_at.to_date, :formats => :short %>
+                    <% end %>
+                </td>
+                <td class="dmp_td_small">
+                    <% if !user_id.user.project_groups.nil? then%>
+                    <%= user_id.user.project_groups.count %>
+                    <% end %>
+                </td>
+                <% if current_user.organisation.token_permission_types.count > 0 %>
+                <td class="dmp_td_small">
+                <%= check_box_tag "user_ids[]", user_id %>
+                <!--
+                    #if the organisation has any api permissions
+                    #show tickboxes which allow for users to have api_tokens
+                    # if the user has an api_token, the tickbox is shown as ticked
+                    # upon hitting save:
+                        # any user which previously had an apitoken, but no longer has a check, looses their token
+                        # any user which perviously had no apitoken, and now has a check, gains a token, and gets sent an email
+                -->
+                </td>
+                <% end %>
+              </tr>
+            <% end %>
+        <% end %>
+      </tbody>
+      <%= submit_tag "Update API Privleges" %>
+      <% end %>
+    </table>
\ No newline at end of file