diff --git a/lang/en/webservice.php b/lang/en/webservice.php
index ebfe9384082..057f9f609b1 100644
--- a/lang/en/webservice.php
+++ b/lang/en/webservice.php
@@ -131,6 +131,7 @@ $string['norequiredcapability'] = 'No required capability';
 $string['notoken'] = 'The token list is empty.';
 $string['onesystemcontrolling'] = 'Allow an external system to control Moodle';
 $string['onesystemcontrollingdescription'] = 'The following steps help you to set up the Moodle web services to allow an external system to interact with Moodle. This includes setting up a token (security key) authentication method.';
+$string['onlyseecreatedtokens'] = 'Only tokens you own or created can be seen. You can still delete other tokens.';
 $string['operation'] = 'Operation';
 $string['optional'] = 'Optional';
 $string['passwordisexpired'] = 'Password is expired.';
diff --git a/lib/adminlib.php b/lib/adminlib.php
index 68ec79f7f48..410130ec38a 100644
--- a/lib/adminlib.php
+++ b/lib/adminlib.php
@@ -9531,6 +9531,10 @@ class admin_setting_managewebservicetokens extends admin_setting {
 
         $return = $OUTPUT->box_start('generalbox webservicestokenui');
 
+        if (has_capability('moodle/webservice:managealltokens', context_system::instance())) {
+            $return .= \html_writer::div(get_string('onlyseecreatedtokens', 'webservice'));
+        }
+
         $table = new \webservice\token_table('webservicetokens');
         $table->define_baseurl($baseurl);
         $table->attributes['class'] = 'admintable generaltable'; // Any need changing?
diff --git a/webservice/classes/token_table.php b/webservice/classes/token_table.php
index fba6aa2787e..059fc049d8f 100644
--- a/webservice/classes/token_table.php
+++ b/webservice/classes/token_table.php
@@ -159,7 +159,7 @@ class token_table extends \table_sql {
         global $USER;
         // Hide the token if it wasn't created by the current user.
         if ($data->creatorid != $USER->id) {
-            return '';
+            return '-';
         }
 
         return $data->token;