diff --git a/awx/ui/client/features/users/tokens/users-tokens-add.route.js b/awx/ui/client/features/users/tokens/users-tokens-add.route.js
index e8619b892c..fe9548b79a 100644
--- a/awx/ui/client/features/users/tokens/users-tokens-add.route.js
+++ b/awx/ui/client/features/users/tokens/users-tokens-add.route.js
@@ -16,6 +16,21 @@ TokensDetailResolve.$inject = [
 'ApplicationModel'
 ];
 
+function isMeResolve ($rootScope, $stateParams, $state) {
+ // The user should not be able to add tokens for users other than
+ // themselves. Adding this redirect so that a user is not able to
+ // visit the add-token URL directly for a different user.
+ if (_.has($stateParams, 'user_id') && Number($stateParams.user_id) !== $rootScope.current_user.id) {
+ $state.go('users');
+ }
+}
+
+isMeResolve.$inject = [
+ '$rootScope',
+ '$stateParams',
+ '$state'
+];
+
 export default {
 url: '/add-token',
 name: 'users.edit.tokens.add',
@@ -37,6 +52,7 @@ export default {
 }
 },
 resolve: {
- resolvedModels: TokensDetailResolve
+ resolvedModels: TokensDetailResolve,
+ isMe: isMeResolve
 }
 };
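Review bot: The comment in `isMeResolve` reads as if this redirect is what stops a user from adding tokens for someone else, but a route resolve in the browser is only a navigation guard and the token API can still be called directly. The comment should say so, e.g. `// UX guard only: the API must reject token creation for other users.`, and the server-side permission check, which is not visible in this diff, should be confirmed. The function also returns nothing after `$state.go('users')`, so the resolve settles normally and the sibling `resolvedModels` resolve added to in the second hunk presumably still loads data for the other user's id before the redirect takes effect; returning a rejected promise would stop the transition explicitly. `$rootScope.current_user.id` is read without checking that `current_user` is set, which may throw on a direct page load if the session user has not been populated yet.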