diff --git a/doc/api.oa3 b/doc/api.oa3
index cd087b1d..1f9b4e5e 100644
--- a/doc/api.oa3
+++ b/doc/api.oa3
@@ -601,6 +601,7 @@ paths:
         - account
       description: Generate token to attach an app to the account. Access granted to account's username and password.
       operationId: add-account-app
+      security:
         - basicAuth: []
       responses:
         '201':
@@ -748,8 +749,13 @@ paths:
         - profile
       description: Download base64 decoded data of profile image. Access granted to app tokens of account holder.
       operationId: get-profile-image
-      security:
-        - bearerAuth: []
+      parameters:
+        - name: agent
+          in: query
+          description: agent token 
+          required: false
+          schema:
+            type: string
       responses:
         '200':
           description: success
@@ -2968,9 +2974,9 @@ components:
         accountStorage:
           type: integer
           format: int64
-        openAccess
+        openAccess:
           type: boolean
-        accountLimit
+        accountLimit:
           type: integer
           format: int64
           
@@ -2996,6 +3002,31 @@ components:
         searchable:
           type: boolean
           
+    AccountProfile:
+      type: object
+      required:
+        - guid
+        - revision
+        - node
+      properties:
+        accountId:
+          type: integer
+          format: uint32
+        guid:
+          type: string
+        handle:
+          type: string
+        name:
+          type: string
+        description:
+          type: string
+        location:
+          type: string
+        imageSet:
+          type: boolean
+        disabled:
+          type: boolean
+          
     Profile:
       type: object
       required:
@@ -3643,3 +3674,4 @@ components:
 
 
 
+
diff --git a/net/server/internal/api_getProfileImage.go b/net/server/internal/api_getProfileImage.go
index 79d8e504..bc4e97a9 100644
--- a/net/server/internal/api_getProfileImage.go
+++ b/net/server/internal/api_getProfileImage.go
@@ -11,7 +11,7 @@ import (
 func GetProfileImage(w http.ResponseWriter, r *http.Request) {
   var data []byte
 
-  account, code, err := ParamAppToken(r, true);
+  account, code, err := ParamAgentToken(r, true);
   if err != nil {
     ErrResponse(w, code, err)
     return
diff --git a/net/server/internal/authUtil.go b/net/server/internal/authUtil.go
index 60196d30..fa2d1078 100644
--- a/net/server/internal/authUtil.go
+++ b/net/server/internal/authUtil.go
@@ -77,10 +77,10 @@ func BearerAccountToken(r *http.Request) (*store.AccountToken, error) {
   return &accountToken, nil
 }
 
-func ParamAppToken(r *http.Request, detail bool) (*store.Account, int, error) {
+func ParamAgentToken(r *http.Request, detail bool) (*store.Account, int, error) {
 
   // parse authentication token
-  target, access, err := ParseToken(r.FormValue("token"))
+  target, access, err := ParseToken(r.FormValue("agent"))
   if err != nil {
     return nil, http.StatusBadRequest, err
   }
diff --git a/net/server/internal/ucProfileUpdate_test.go b/net/server/internal/ucProfileUpdate_test.go
index 17dc02c4..430b52b7 100644
--- a/net/server/internal/ucProfileUpdate_test.go
+++ b/net/server/internal/ucProfileUpdate_test.go
@@ -102,7 +102,7 @@ func TestProfileUpdate(t *testing.T) {
     APP_TOKENAPP, set.A.Token, &profile, nil))
 
   // retrieve profile image
-  data, hdr, err = ApiTestData(GetProfileImage, "GET", "/profile/image?token=" + set.A.Token, nil, nil,
+  data, hdr, err = ApiTestData(GetProfileImage, "GET", "/profile/image?agent=" + set.A.Token, nil, nil,
     APP_TOKENAPP, set.A.Token, 0, 0)
   assert.NoError(t, err)
 
diff --git a/net/web/src/User/SideBar/Identity/Identity.jsx b/net/web/src/User/SideBar/Identity/Identity.jsx
index cbf7839a..22578103 100644
--- a/net/web/src/User/SideBar/Identity/Identity.jsx
+++ b/net/web/src/User/SideBar/Identity/Identity.jsx
@@ -25,6 +25,9 @@ export function Identity() {
         <div onClick={() => actions.editProfile()}>Edit Profile</div>
       </Menu.Item>
       <Menu.Item key="1">
+        <div onClick={() => actions.editLabels()}>Manage Labels</div>
+      </Menu.Item>
+      <Menu.Item key="2">
         <div onClick={() => actions.logout()}>Sign Out</div>
       </Menu.Item>
     </Menu>
@@ -32,7 +35,7 @@ export function Identity() {
 
   return (
     <IdentityWrapper>
-      <Dropdown overlay={menu} overlayStyle={{ minWidth: 0 }} trigger={['click']} placement="right">
+      <Dropdown overlay={menu} overlayStyle={{ minWidth: 0 }} trigger={['click']} placement="rightTop">
         <div>
           <div class="container">
             <div class="avatar">
diff --git a/net/web/src/User/SideBar/Identity/useIdentity.hook.js b/net/web/src/User/SideBar/Identity/useIdentity.hook.js
index 2f21b45d..137f1a4c 100644
--- a/net/web/src/User/SideBar/Identity/useIdentity.hook.js
+++ b/net/web/src/User/SideBar/Identity/useIdentity.hook.js
@@ -15,6 +15,9 @@ export function useIdentity() {
     logout: async () => {
       app.actions.logout()
     },
+    editLabels: () => {
+      console.log("EDIT LABELS");
+    },
     editProfile: () => {
       navigate('/user/profile');
     }