diff --git a/app/eve_api/urls.py b/app/eve_api/urls.py
index f314aac..b414d5a 100644
--- a/app/eve_api/urls.py
+++ b/app/eve_api/urls.py
@@ -8,7 +8,7 @@ urlpatterns = patterns('',
     url(r'^eveapi/add/$', views.eveapi_add, name="eveapi-add"),
     url(r'^eveapi/update/(?P<userid>\d+)/$', views.eveapi_update, name="eveapi-update"),
     url(r'^eveapi/delete/(?P<userid>\d+)/$', views.eveapi_del, name="eveapi-delete"),
-    url(r'^eveapi/refresh/(?P<userid>\d+)/$', views.eveapi_refresh, name="eveapi-refresh"),
+    url(r'^eveapi/refresh/(?P<pk>\d+)/$', login_required(views.EVEAPIRefresh.as_view()), name="eveapi-refresh"),
     url(r'^eveapi/log/(?P<userid>\d+)/$', login_required(views.EVEAPILogView.as_view()), name="eveapi-log"),
     url(r'^eveapi/access/(?P<slug>\d+)/$', login_required(views.EVEAPIAccessView.as_view()), name="eveapi-accessview"),
 
diff --git a/app/eve_api/views/base.py b/app/eve_api/views/base.py
index 1293953..9bec49f 100644
--- a/app/eve_api/views/base.py
+++ b/app/eve_api/views/base.py
@@ -2,10 +2,11 @@ import csv
 
 from django.core import serializers
 from django.core.urlresolvers import reverse
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, HttpResponseForbidden, HttpResponseRedirect
 from django.shortcuts import render_to_response, get_object_or_404, redirect
 from django.template import RequestContext
-from django.views.generic import DetailView, ListView
+from django.views.generic import DetailView, ListView, View
+from django.views.generic.detail import SingleObjectMixin
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
 
@@ -110,14 +111,17 @@ def eveapi_del(request, userid, post_save_redirect='/'):
     return redirect(post_save_redirect)
 
 
-@login_required
-def eveapi_refresh(request, userid, post_save_redirect='/'):
-    """ Force refresh a EVE API key """
-
-    acc = get_object_or_404(EVEAccount, pk=userid)
-    if acc.user == request.user or request.user.is_superuser:
-        task = import_apikey_result.delay(api_key=acc.api_key, api_userid=acc.api_user_id, force_cache=True, user=request.user.id)
-        if request.is_ajax():
+class EVEAPIRefresh(SingleObjectMixin, View):
+    """Force a refresh of a EVE API key, accepts requests via AJAX or normal requests"""
+    
+    model = EVEAccount
+    
+    def get(self, request, *args, **kwargs):
+        self.object = self.get_object()
+        if self.object.user != self.request.user and not request.user.is_superuser:
+            return HttpResponseForbidden()
+        task = import_apikey_result.delay(api_key=self.object.api_key, api_userid=self.object.api_user_id, force_cache=True, user=self.object.user.id)
+        if self.request.is_ajax():
             try:
                 acc = task.wait(30)
             except (celery.exceptions.TimeoutError, DocumentRetrievalError):
@@ -125,14 +129,14 @@ def eveapi_refresh(request, userid, post_save_redirect='/'):
             ret = []
             if acc:
                 ret = [acc]
-            return HttpResponse(serializers.serialize('json', ret), mimetype='application/javascript')
+            return HttpResponse(serializers.serialize('json', ret), mimetype='application/javascript') 
         else:
             messages.add_message(request, messages.INFO, "Key %s has been queued to be refreshed from the API" % acc.api_user_id)
-
-    return redirect(post_save_redirect)
-
+        return HttpResponseRedirect('/')            
+    
 
 class EVEAPILogView(ListView):
+    """Shows EVE API access log for a particular API key"""
 
     model = ApiAccessLog
     template_name = 'eve_api/log.html'
@@ -140,7 +144,7 @@ class EVEAPILogView(ListView):
     def dispatch(self, request, *args, **kwargs):
         self.userid = kwargs.pop('userid')
         if not (get_object_or_404(EVEAccount, pk=self.userid).user == request.user or request.user.is_superuser):
-            raise Http404
+            return HttpResponseForbidden()
         return super(EVEAPILogView, self).dispatch(request, *args, **kwargs)
 
     def get_context_data(self, **kwargs):
diff --git a/app/sso/templates/sso/profile.html b/app/sso/templates/sso/profile.html
index a270b7a..32c30b5 100644
--- a/app/sso/templates/sso/profile.html
+++ b/app/sso/templates/sso/profile.html
@@ -98,7 +98,7 @@
         <td><a href="#" class="accesspopup" id="{{ acc.api_user_id}}" data-original-title="Access for Key {{ acc.api_user_id }}" rel="popover">{{ acc.get_api_keytype_display }}</a>{% if acc.api_keytype == 4 %}&nbsp;<b><sup style="color: red;">*</sup></b>{% endif %}</td>
         <td id="api-status-{{ acc.api_user_id }}">{{ acc.get_api_status_display }}</td>
         <td id="api-time-{{ acc.api_user_id }}">{{ acc.api_last_updated|naturaltimediff }}</td>
-        <td>{% ifswitch api-disableprocessing %}{% else %}<a href="{% url eve_api.views.eveapi_refresh acc.api_user_id %}"  onclick="javascript:refresh_apikey({{ acc.api_user_id }}); return false;">Refresh</a>,&nbsp;
+        <td>{% ifswitch api-disableprocessing %}{% else %}<a href="{% url eveapi-refresh acc.api_user_id %}"  onclick="javascript:refresh_apikey({{ acc.api_user_id }}); return false;">Refresh</a>,&nbsp;
           <a href="{% url eve_api.views.eveapi_update acc.api_user_id %}">Update Key</a>,&nbsp;{% endifswitch %}
           <a href="{% url eveapi-log acc.api_user_id %}">Logs</a>{% ifswitch eve-keydelete %},&nbsp;
           <a href="{% url eve_api.views.eveapi_del acc.api_user_id %}">Delete</a>{% endifswitch %}</td>