diff --git a/sapl/api/urls.py b/sapl/api/urls.py
index a473f2980..17fd432ab 100644
--- a/sapl/api/urls.py
+++ b/sapl/api/urls.py
@@ -71,7 +71,7 @@ urlpatterns = [
     url(r'^api/', include(urlpatterns_api_doc)),
     url(r'^api/', include(urlpatterns_router)),
     url(r'^api/version', AppVersionView.as_view()),
-    url(r'^api/recriar-token/$', recria_token, name="recria_token"),
+    url(r'^api/recriar-token/(?P<pk>\d*)$', recria_token, name="recria_token"),
 
     # implementar caminho para autenticação
     # https://www.django-rest-framework.org/tutorial/4-authentication-and-permissions/
diff --git a/sapl/api/views.py b/sapl/api/views.py
index 50af9cc54..77db0e05f 100644
--- a/sapl/api/views.py
+++ b/sapl/api/views.py
@@ -51,9 +51,9 @@ def create_auth_token(sender, instance=None, created=False, **kwargs):
 
 @api_view(['POST'])
 @permission_classes([IsAdminUser])
-def recria_token(request):
-    Token.objects.filter(user=request.user).delete()
-    token = Token.objects.create(user=request.user)
+def recria_token(request, pk):
+    Token.objects.get(user_id=pk).delete()
+    token = Token.objects.create(user_id=pk)
 
     return Response({"message": "Token recriado com sucesso!", "token": token.key})
 
diff --git a/sapl/templates/crud/usuario_edit.html b/sapl/templates/crud/usuario_edit.html
index 20aa9c910..dca9719d7 100644
--- a/sapl/templates/crud/usuario_edit.html
+++ b/sapl/templates/crud/usuario_edit.html
@@ -5,9 +5,14 @@
 
 <script type="text/javascript">
   $(() => {
+    var $crf_token = $('[name="csrfmiddlewaretoken"]').attr('value');
     $("#renovar-token").click(() => {
-      $.post("{% url 'sapl.api:recria_token' %}", {}, (res) => {
-        $("#id_token").val(res.token);
+      $.ajax({
+        url: "{% url 'sapl.api:recria_token' user.id %}",
+        type: "POST",
+        headers: { "X-CSRFToken": $crf_token },
+        dataType: "json",
+        success: (res) => $("#id_token").val(res.token)
       });
     });
   });