diff --git a/apps/authentication/migrations/0013_auto_20221025_1908.py b/apps/authentication/migrations/0013_auto_20221025_1908.py
deleted file mode 100644
index 452063f35..000000000
--- a/apps/authentication/migrations/0013_auto_20221025_1908.py
+++ /dev/null
@@ -1,29 +0,0 @@
-# Generated by Django 3.2.14 on 2022-10-25 11:08
-
-from django.db import migrations, models
-import django.db.models.deletion
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('assets', '0110_auto_20221021_1506'),
-        ('authentication', '0012_auto_20220816_1629'),
-    ]
-
-    operations = [
-        migrations.RemoveField(
-            model_name='connectiontoken',
-            name='type',
-        ),
-        migrations.AddField(
-            model_name='connectiontoken',
-            name='account_display',
-            field=models.CharField(default='', max_length=128, verbose_name='Account display'),
-        ),
-        migrations.AlterField(
-            model_name='connectiontoken',
-            name='account',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='connection_tokens', to='assets.account', verbose_name='Account'),
-        ),
-    ]
diff --git a/apps/authentication/migrations/0013_remove_connectiontoken_type.py b/apps/authentication/migrations/0013_remove_connectiontoken_type.py
new file mode 100644
index 000000000..52c6813dc
--- /dev/null
+++ b/apps/authentication/migrations/0013_remove_connectiontoken_type.py
@@ -0,0 +1,17 @@
+# Generated by Django 3.2.14 on 2022-10-26 08:07
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0012_auto_20220816_1629'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='connectiontoken',
+            name='type',
+        ),
+    ]
diff --git a/apps/authentication/models.py b/apps/authentication/models.py
index 642443e02..765f38ef9 100644
--- a/apps/authentication/models.py
+++ b/apps/authentication/models.py
@@ -78,11 +78,7 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
         related_name='connection_tokens', null=True, blank=True
     )
     asset_display = models.CharField(max_length=128, default='', verbose_name=_("Asset display"))
-    account = models.ForeignKey(
-        'assets.Account', on_delete=models.SET_NULL, verbose_name=_('Account'),
-        related_name='connection_tokens', null=True, blank=True
-    )
-    account_display = models.CharField(max_length=128, default='', verbose_name=_("Account display"))
+    account = models.CharField(max_length=128, default='', verbose_name=_("Account"))
 
     class Meta:
         ordering = ('-date_expired',)
@@ -127,7 +123,6 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
 
     def check_valid(self):
         from perms.utils.permission import validate_permission as asset_validate_permission
-        from perms.utils.application.permission import validate_permission as app_validate_permission
 
         if self.is_expired:
             is_valid = False
@@ -143,45 +138,30 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
             error = _('User invalid, disabled or expired')
             return is_valid, error
 
-        if not self.system_user:
+        if not self.account:
             is_valid = False
-            error = _('System user not exists')
+            error = _('Account not exists')
             return is_valid, error
 
-        if self.is_type(self.Type.asset):
-            if not self.asset:
-                is_valid = False
-                error = _('Asset not exists')
-                return is_valid, error
-            if not self.asset.is_active:
-                is_valid = False
-                error = _('Asset inactive')
-                return is_valid, error
-            has_perm, actions, expired_at = asset_validate_permission(
-                self.user, self.asset, self.system_user
-            )
-            if not has_perm:
-                is_valid = False
-                error = _('User has no permission to access asset or permission expired')
-                return is_valid, error
-            self.actions = actions
-            self.expired_at = expired_at
-
-        elif self.is_type(self.Type.application):
-            if not self.application:
-                is_valid = False
-                error = _('Application not exists')
-                return is_valid, error
-            has_perm, actions, expired_at = app_validate_permission(
-                self.user, self.application, self.system_user
-            )
-            if not has_perm:
-                is_valid = False
-                error = _('User has no permission to access application or permission expired')
-                return is_valid, error
-            self.actions = actions
-            self.expired_at = expired_at
+        if not self.asset:
+            is_valid = False
+            error = _('Asset not exists')
+            return is_valid, error
 
+        if not self.asset.is_active:
+            is_valid = False
+            error = _('Asset inactive')
+            return is_valid, error
+
+        has_perm, actions, expired_at = asset_validate_permission(
+            self.user, self.asset, self.account
+        )
+        if not has_perm:
+            is_valid = False
+            error = _('User has no permission to access asset or permission expired')
+            return is_valid, error
+        self.actions = actions
+        self.expired_at = expired_at
         return True, ''
 
     @lazyproperty