diff --git a/src/routes/profile.js b/src/routes/profile.js
index ba29db21d..0dc0486a9 100644
--- a/src/routes/profile.js
+++ b/src/routes/profile.js
@@ -29,7 +29,6 @@ function get(req, res, next) {
         username: req.user.username,
         email: req.user.email,
         fallbackEmail: req.user.fallbackEmail,
-        tokenScopes: req.authInfo.authorizedScopes,
         displayName: req.user.displayName,
         twoFactorAuthenticationEnabled: req.user.twoFactorAuthenticationEnabled,
         admin: req.user.admin
diff --git a/src/routes/test/profile-test.js b/src/routes/test/profile-test.js
index 6b22403a8..6df5ca5fb 100644
--- a/src/routes/test/profile-test.js
+++ b/src/routes/test/profile-test.js
@@ -6,8 +6,7 @@
 
 'use strict';
 
-var accesscontrol = require('../../accesscontrol.js'),
-    config = require('../../config.js'),
+var config = require('../../config.js'),
     database = require('../../database.js'),
     expect = require('expect.js'),
     mailer = require('../../mailer.js'),
@@ -105,7 +104,6 @@ describe('Profile API', function () {
                 expect(result.body.displayName).to.be.a('string');
                 expect(result.body.password).to.not.be.ok();
                 expect(result.body.salt).to.not.be.ok();
-                expect(result.body.tokenScopes).to.eql(accesscontrol.VALID_SCOPES);
 
                 user_0 = result.body;
 
@@ -143,7 +141,6 @@ describe('Profile API', function () {
                 expect(result.body.displayName).to.be.a('string');
                 expect(result.body.password).to.not.be.ok();
                 expect(result.body.salt).to.not.be.ok();
-                expect(result.body.tokenScopes).to.eql(accesscontrol.VALID_SCOPES);
                 done();
             });
         });
@@ -196,7 +193,6 @@ describe('Profile API', function () {
                             expect(res.body.username).to.equal(USERNAME_0.toLowerCase());
                             expect(res.body.email).to.equal(EMAIL_0_NEW.toLowerCase());
                             expect(res.body.fallbackEmail).to.equal(EMAIL_0_NEW_FALLBACK.toLowerCase());
-                            expect(res.body.tokenScopes).to.eql(accesscontrol.VALID_SCOPES);
                             expect(res.body.displayName).to.equal('');
 
                             done();
@@ -217,7 +213,6 @@ describe('Profile API', function () {
                             expect(res.statusCode).to.equal(200);
                             expect(res.body.username).to.equal(USERNAME_0.toLowerCase());
                             expect(res.body.email).to.equal(EMAIL_0_NEW.toLowerCase());
-                            expect(res.body.tokenScopes).to.eql(accesscontrol.VALID_SCOPES);
                             expect(res.body.displayName).to.equal(DISPLAY_NAME_0_NEW);
 
                             done();
diff --git a/src/setup.js b/src/setup.js
index c9d234404..32ab0932e 100644
--- a/src/setup.js
+++ b/src/setup.js
@@ -255,7 +255,6 @@ function activate(username, password, email, displayName, ip, auditSource, callb
             callback(null, {
                 userId: userObject.id,
                 token: result.accessToken,
-                tokenScopes: result.tokenScopes,
                 expires: result.expires
             });