diff --git a/apps/assets/api/system_user.py b/apps/assets/api/system_user.py index 89d5d909b..14c02aa8d 100644 --- a/apps/assets/api/system_user.py +++ b/apps/assets/api/system_user.py @@ -2,6 +2,7 @@ from django.shortcuts import get_object_or_404 from rest_framework.response import Response from rest_framework.decorators import action +from rest_framework.viewsets import GenericViewSet from common.utils import get_logger, get_object_or_none from common.permissions import IsValidUser @@ -20,7 +21,8 @@ logger = get_logger(__file__) __all__ = [ 'SystemUserViewSet', 'SystemUserAuthInfoApi', 'SystemUserAssetAuthInfoApi', 'SystemUserCommandFilterRuleListApi', 'SystemUserTaskApi', 'SystemUserAssetsListView', - 'SystemUserTempAuthInfoApi', 'SystemUserAppAuthInfoApi', 'SystemUserAssetAccountApi' + 'SystemUserTempAuthInfoApi', 'SystemUserAppAuthInfoApi', 'SystemUserAssetAccountApi', + 'SystemUserAssetAccountSecretApi', ] 
@@ -76,24 +78,61 @@ class SystemUserViewSet(SuggestionMixin, OrgBulkModelViewSet): return Response(serializer.data) -class SystemUserAssetAccountApi(generics.RetrieveUpdateDestroyAPIView): +class SystemUserAccountViewSet(GenericViewSet): + model = Account + serializer_classes = { + 'default': serializers.AccountSerializer, + 'account_secret': serializers.AccountSecretSerializer, + } + + def get_object(self): + system_user_id = self.kwargs.get('pk') + asset_id = self.kwargs.get('asset_id') + user_id = self.kwargs.get("user_id") + system_user = SystemUser.objects.get(id=system_user_id) + account = system_user.get_account(user_id, asset_id) + return account + + @action(methods=['get'], detail=False, url_path='account') + def account(self, request, *args, **kwargs): + pass + + @action(methods=['get'], detail=False, url_path='account-secret') + def account_secret(self): + pass + + @action(methods=['put'], detail=False, url_path='manual-account') + def manual_account(self, request, *args, **kwargs): + pass + + +class SystemUserAssetAccountApi(generics.RetrieveAPIView): model = Account serializer_class = serializers.AccountSerializer def get_object(self): + system_user_id = self.kwargs.get('pk') asset_id = self.kwargs.get('asset_id') user_id = self.kwargs.get("user_id") - system_user = super().get_object() + system_user = SystemUser.objects.get(id=system_user_id) account = system_user.get_account(user_id, asset_id) return account +class SystemUserAssetAccountSecretApi(SystemUserAssetAccountApi): + model = Account + serializer_class = serializers.AccountSecretSerializer + rbac_perms = { + 'retrieve': 'assets.view_accountsecret' + } + + class SystemUserAuthInfoApi(generics.RetrieveUpdateDestroyAPIView): """ Get system user auth info """ model = SystemUser - serializer_class = serializers.SystemUserWithAuthInfoSerializer + serializer_class = serializers.AccountSerializer rbac_perms = { 'retrieve': 'assets.view_systemusersecret', 'list': 'assets.view_systemusersecret', 
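Review bot: The rewritten `get_object` in `SystemUserAssetAccountApi` replaces `super().get_object()` with `SystemUser.objects.get(id=system_user_id)`, which skips the `check_object_permissions` call that DRF's `GenericAPIView.get_object` makes and turns an unknown `pk` into an unhandled `SystemUser.DoesNotExist` instead of a 404. `SystemUserAssetAccountSecretApi` inherits this method to return secrets, so I would use `system_user = get_object_or_404(SystemUser, id=system_user_id)` (already imported at the top of the file) and add `self.check_object_permissions(self.request, account)` before the return; the permission call matters if any of the project's permission classes implement `has_object_permission`, which this hunk does not show. The same body is copied into `SystemUserAccountViewSet.get_object` in this hunk and into `SystemUserAuthInfoApi.get_object` in the next one, so a shared mixin would keep the three in step. Separately, `SystemUserAccountViewSet` declares no `rbac_perms`, its actions are `pass` stubs, and `account_secret(self)` lacks the `request` parameter DRF passes to an action. It looks unfinished and is not exported in `__all__`, so it may be better left out of this commit.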
@@ -101,6 +140,14 @@ class SystemUserAuthInfoApi(generics.RetrieveUpdateDestroyAPIView): 'destroy': 'assets.change_systemuser', } + def get_object(self): + system_user_id = self.kwargs.get('pk') + asset_id = self.kwargs.get('asset_id') + user_id = self.kwargs.get("user_id") + system_user = SystemUser.objects.get(id=system_user_id) + account = system_user.get_account(user_id, asset_id) + return account + def destroy(self, request, *args, **kwargs): instance = self.get_object() instance.clear_auth() diff --git a/apps/assets/migrations/0092_auto_20220711_1409.py b/apps/assets/migrations/0092_auto_20220711_1409.py index 8036cc09f..efcb59e9d 100644 --- a/apps/assets/migrations/0092_auto_20220711_1409.py +++ b/apps/assets/migrations/0092_auto_20220711_1409.py @@ -75,7 +75,7 @@ class Migration(migrations.Migration): ], options={ 'verbose_name': 'Account', - 'permissions': [('view_assetaccountsecret', 'Can view asset account secret'), ('change_assetaccountsecret', 'Can change asset account secret'), ('view_assethistoryaccount', 'Can view asset history account'), ('view_assethistoryaccountsecret', 'Can view asset history account secret')], + 'permissions': [('view_accountsecret', 'Can view asset account secret'), ('change_accountsecret', 'Can change asset account secret'), ('view_historyaccount', 'Can view asset history account'), ('view_historyaccountsecret', 'Can view asset history account secret')], 'unique_together': {('username', 'asset')}, }, bases=(models.Model, assets.models.base.AuthMixin, assets.models.user.ProtocolMixin), diff --git a/apps/assets/models/account.py b/apps/assets/models/account.py index 3c0588cdf..eb651965b 100644 --- a/apps/assets/models/account.py +++ b/apps/assets/models/account.py 
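Review bot: With the added `get_object`, `destroy` now calls `instance.clear_auth()` on the `Account` returned by `system_user.get_account(...)`, while `rbac_perms` still authorises `destroy` with `assets.change_systemuser` and the class keeps `model = SystemUser`. The permission checked no longer names the object being changed; if clearing an account's credentials is the intent, mapping it to the account permission this commit renames, e.g. `'destroy': 'assets.change_accountsecret'`, would be more accurate. `get_object` also reads `asset_id` and `user_id` from `self.kwargs`, which are `None` unless the route supplies them, and the `auth-info` routes are removed in `api_urls.py` in this same commit. It is worth confirming the view is still reachable and that `get_account` copes with missing ids. The class body and `destroy` continue outside the hunk.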
@@ -27,10 +27,10 @@ class Account(BaseUser, AbsConnectivity, ProtocolMixin): verbose_name = _('Account') unique_together = [('username', 'asset')] permissions = [ - ('view_assetaccountsecret', _('Can view asset account secret')), - ('change_assetaccountsecret', _('Can change asset account secret')), - ('view_assethistoryaccount', _('Can view asset history account')), - ('view_assethistoryaccountsecret', _('Can view asset history account secret')), + ('view_accountsecret', _('Can view asset account secret')), + ('change_accountsecret', _('Can change asset account secret')), + ('view_historyaccount', _('Can view asset history account')), + ('view_historyaccountsecret', _('Can view asset history account secret')), ] def __str__(self): diff --git a/apps/assets/models/user.py b/apps/assets/models/user.py index 9e37b2fee..9770b2266 100644 --- a/apps/assets/models/user.py +++ b/apps/assets/models/user.py @@ -223,7 +223,7 @@ class SystemUser(ProtocolMixin, BaseUser): return get_object_or_404(Account, asset_id=asset_id, username=username) def get_account(self, user_id, asset_id): - if self.login_mode == self.LOGIN_AUTO: + if self.login_mode == self.LOGIN_MANUAL: return self.get_manual_account(user_id, asset_id) else: return self.get_auto_account(user_id, asset_id) diff --git a/apps/assets/serializers/system_user.py b/apps/assets/serializers/system_user.py index 7bdd13fe1..7d15041ec 100644 --- a/apps/assets/serializers/system_user.py +++ b/apps/assets/serializers/system_user.py @@ -298,10 +298,10 @@ class SystemUserAssetRelationSerializer(RelationMixin, serializers.ModelSerializ asset_display = serializers.ReadOnlyField(label=_('Asset hostname')) class Meta: - model = SystemUser + model = SystemUser.assets.through fields = [ - "id", "asset", "asset_display", 'systemuser', 'systemuser_display', - "connectivity", 'date_verified', 'org_id' + "id", "asset", "asset_display", + "systemuser", "systemuser_display", ] use_model_bulk_create = True model_bulk_create_kwargs = { 
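Review bot: The four permission codenames are renamed here and by editing the existing migration `0092_auto_20220711_1409.py` in place rather than in a new migration, so a database that has already applied 0092 gets no recorded step for the rename. As far as I can tell, Django would create the new `auth_permission` rows on the next `migrate` but leave the old `view_assetaccountsecret`-style rows, and any role grants pointing at them, untouched. Existing roles would then fail the new `assets.view_accountsecret` check until re-granted. If 0092 has shipped anywhere, a follow-up data migration that renames the rows in place would preserve the grants; if it has not, saying so in the commit description would help. A search for the old codenames in role definitions and other `rbac_perms` maps outside this diff is also worth doing.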
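Review bot: `get_account` in `apps/assets/models/user.py` forwards the caller-supplied `user_id` to `get_manual_account` with no check visible in this hunk, and after the corrected comparison that branch is the one taken for `LOGIN_MANUAL` system users. The views in `api/system_user.py` take `user_id` from the URL kwargs, so whether a caller may read another user's manual account appears to rest entirely on the endpoint's RBAC permission. The body of `get_manual_account` is outside the hunk, so I cannot tell whether it restricts anything further. A docstring such as `"""Return the manual account when login_mode is LOGIN_MANUAL, otherwise the auto account."""` would record the intended branch, and a regression test per login mode would guard against the comparison being inverted again.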
diff --git a/apps/assets/urls/api_urls.py b/apps/assets/urls/api_urls.py index 8f2d4c8cf..1c405a82a 100644 --- a/apps/assets/urls/api_urls.py +++ b/apps/assets/urls/api_urls.py @@ -45,12 +45,10 @@ urlpatterns = [ path('assets//perm-user-groups/', api.AssetPermUserGroupListApi.as_view(), name='asset-perm-user-group-list'), path('assets//perm-user-groups//permissions/', api.AssetPermUserGroupPermissionsListApi.as_view(), name='asset-perm-user-group-permission-list'), - path('system-users//auth-info/', api.SystemUserAuthInfoApi.as_view(), name='system-user-auth-info'), path('system-users//assets/', api.SystemUserAssetsListView.as_view(), name='system-user-assets'), - path('system-users//assets//auth-info/', api.SystemUserAssetAuthInfoApi.as_view(), name='system-user-asset-auth-info'), path('system-users//applications//auth-info/', api.SystemUserAppAuthInfoApi.as_view(), name='system-user-app-auth-info'), path('system-users//assets//users//account/', api.SystemUserAssetAccountApi.as_view(), name='system-user-asset-account'), - path('system-users//temp-auth/', api.SystemUserTempAuthInfoApi.as_view(), name='system-user-asset-temp-info'), + path('system-users//assets//users//account-secret/', api.SystemUserAssetAccountSecretApi.as_view(), name='system-user-asset-account-secret'), path('system-users//tasks/', api.SystemUserTaskApi.as_view(), name='system-user-task-create'), path('system-users//cmd-filter-rules/', api.SystemUserCommandFilterRuleListApi.as_view(), name='system-user-cmd-filter-rule-list'), path('cmd-filter-rules/', api.SystemUserCommandFilterRuleListApi.as_view(), name='cmd-filter-rules'),
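Review bot: The routes for `SystemUserAuthInfoApi`, `SystemUserAssetAuthInfoApi` and `SystemUserTempAuthInfoApi` are removed from the visible part of `urlpatterns`, but all three names are still exported in `__all__` in `api/system_user.py`, and `SystemUserAuthInfoApi` even gains a new `get_object` in this commit. Unrouted views that return or clear credentials are easy to wire back in later without a fresh permission review, so I would delete them together with their routes, or keep the routes if the views are still needed. The new `account-secret/` route relies on the `'retrieve': 'assets.view_accountsecret'` entry in the view's `rbac_perms`, and a test asserting that a user without that permission is refused would pin it. `urlpatterns` continues outside the hunk.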