diff --git a/app/routers/user.py b/app/routers/user.py index 0a842a2..7d605e7 100644 --- a/app/routers/user.py +++ b/app/routers/user.py @@ -164,18 +164,23 @@ async def patch_user_obj( # ### BEGIN ### API User Routers ### user_new_auth_key() ### -# Generate a new one time use authorization key -@router.get('/user/new_auth_key', response_model=Resp_Body_Base) +# Generate a new one time use authorization key for login without password +# Updated 2022-01-07 +# @router.get('/user/new_auth_key', response_model=Resp_Body_Base) +@router.get('/user/{user_id}/new_auth_key', response_model=Resp_Body_Base) async def user_new_auth_key( - user_id: Optional[str] = Query(None, min_length=2, max_length=50), - return_obj: Optional[bool] = False, + user_id: str = Query(..., min_length=11, max_length=22), + return_obj: bool = False, commons: Common_Route_Params = Depends(common_route_params), ): log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.debug(locals()) + if user_id := redis_lookup_id_random(record_id_random=user_id, table_name='user'): pass + else: return mk_resp(data=None, status_code=404, response=commons.response, status_message='The user ID was invalid or not found.') + update_user_data = {} - update_user_data['id_random'] = user_id + update_user_data['id'] = user_id update_user_data['auth_key'] = secrets.token_urlsafe(default_num_bytes) if user_rec_update_result := sql_update(table_name='user', data=update_user_data): 
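Review bot: The new route `@router.get('/user/{user_id}/new_auth_key', ...)` creates and stores a password-less login key, yet nothing visible in this hunk checks that the caller may obtain a key for that `user_id`. Whether `common_route_params` enforces this is not shown, so confirm it or add an explicit authorization dependency before the `sql_update` call. Because the request changes state and returns a credential, it would be safer as `@router.post('/user/{user_id}/new_auth_key', response_model=Resp_Body_Base)`, which caches, prefetchers and link scanners will not replay. `user_id` is now a path segment but is still declared with `Query(...)`; assuming this is FastAPI, `user_id: str = Path(..., min_length=11, max_length=22)` matches the route, and recent FastAPI versions refuse `Query` on a path parameter. The body of `user_new_auth_key` continues past the end of this hunk.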
@@ -183,28 +188,30 @@ async def user_new_auth_key( if return_obj: user_obj = load_user_obj( - user_id=user_id, - inc_contact=False, - inc_organization=False, - inc_person=False + user_id = user_id, ).dict(by_alias=commons.by_alias, exclude_unset=commons.exclude_unset) data = user_obj else: user_obj = {} + # user_obj['allow_auth_key'] = update_user_data['allow_auth_key'] user_obj['auth_key'] = update_user_data['auth_key'] + # user_obj['enable'] = update_user_data['enable'] + # user_obj['enable_from'] = update_user_data['enable_from'] + # user_obj['enable_to'] = update_user_data['enable_to'] return mk_resp(data=user_obj, response=commons.response) else: log.info('The user record was not updated with a new auth_key') log.debug(user_rec_update_result) return mk_resp(data=False, status_code=404, response=commons.response) +# ### END ### API User Routers ### user_new_auth_key() ### # ### BEGIN ### API User Routers ### user_authenticate() ### # Authenticate a username and password OR by user ID and authorization key # An authorization key can only be done once. It will be deleted if found. # A new key will need to be requested for a particular user each time. -# NOTE: Should this be divided into username/password and user ID/auth key endpoints? +# NOTE: Should this be divided into username/password and user ID/auth key endpoints? Probably vote 2x # Updated 2021-10-06 @router.get('/user/authenticate', response_model=Resp_Body_Base) async def user_authenticate(
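Review bot: The call `load_user_obj(user_id = user_id,)` drops the explicit `inc_contact=False`, `inc_organization=False` and `inc_person=False` arguments, so the `return_obj` response now depends on that function's defaults, which are not visible here. If those defaults include the related records, this endpoint starts returning contact, organization and person data to whoever requested the key. Keep the flags explicit (`user_id=user_id, inc_contact=False, inc_organization=False, inc_person=False`), or add a comment stating that the wider payload is intended. The four added `# user_obj[...] = update_user_data[...]` lines name keys that `update_user_data` never sets in the visible code, so they are better dropped than committed as commented-out code. `user_new_auth_key` starts before this hunk and `user_authenticate` continues after it.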