diff --git a/database/migrations/2022_08_11_125502_ptero_client_key.php b/database/migrations/2022_08_11_125502_ptero_client_key.php
new file mode 100644
index 00000000..67eb92b5
--- /dev/null
+++ b/database/migrations/2022_08_11_125502_ptero_client_key.php
@@ -0,0 +1,36 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;
+
+class PteroClientKey extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        // Insert some stuff
+        DB::table('settings')->insert(
+            array(
+                'key' => 'SETTINGS::SYSTEM:PTERODACTYL:ADMIN_USER_TOKEN',
+                'type' => 'string',
+                'description' => 'The Client API Key of an Pterodactyl Admin Account',
+            )
+        );
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
diff --git a/public/install/forms.php b/public/install/forms.php
index 70562a0a..bb0bdd7d 100644
--- a/public/install/forms.php
+++ b/public/install/forms.php
@@ -149,11 +149,28 @@ if (isset($_POST['checkSMTP'])) {
 if (isset($_POST['checkPtero'])) {
     $url = $_POST['url'];
     $key = $_POST['key'];
+    $clientkey = $_POST['clientkey'];
 
     if (substr($url, -1) === "/") {
         $url = substr_replace($url, "", -1);
     }
 
+    $callpteroURL = $url . "/api/client/account";
+    $call = curl_init();
+
+    curl_setopt($call, CURLOPT_URL, $callpteroURL);
+    curl_setopt($call, CURLOPT_RETURNTRANSFER, true);
+    curl_setopt($call, CURLOPT_HTTPHEADER, array(
+        "Accept: application/json",
+        "Content-Type: application/json",
+        "Authorization: Bearer " . $clientkey
+    ));
+    $callresponse = curl_exec($call);
+    $callresult = json_decode($callresponse, true);
+    curl_close($call); // Close the connection
+
+
+
 
     $pteroURL = $url . "/api/application/users";
     $ch = curl_init();
@@ -172,11 +189,17 @@ if (isset($_POST['checkPtero'])) {
 
     if (!is_array($result) or in_array($result["errors"][0]["code"], $result)) {
         header("LOCATION: index.php?step=5&message=Couldnt connect to Pterodactyl. Make sure your API key has all read and write permissions!");
+        wh_log("API CALL ERROR: ".$result["errors"][0]["code"]);
+        die();
+    }elseif (!is_array($callresult) or in_array($result["errors"][0]["code"], $result) or $callresult["attributes"]["admin"] == false) {
+        header("LOCATION: index.php?step=5&message=Your ClientAPI Key is wrong or the account is not an admin!");
+        wh_log("API CALL ERROR: ".$result["errors"][0]["code"]);
         die();
     } else {
 
         $query1 = "UPDATE `" . getEnvironmentValue("DB_DATABASE") . "`.`settings` SET `value` = '$url' WHERE (`key` = 'SETTINGS::SYSTEM:PTERODACTYL:URL')";
         $query2 = "UPDATE `" . getEnvironmentValue("DB_DATABASE") . "`.`settings` SET `value` = '$key' WHERE (`key` = 'SETTINGS::SYSTEM:PTERODACTYL:TOKEN')";
+        $query3 = "UPDATE `" . getEnvironmentValue("DB_DATABASE") . "`.`settings` SET `value` = '$clientkey' WHERE (`key` = 'SETTINGS::SYSTEM:PTERODACTYL:ADMIN_USER_TOKEN')";
 
 
         $db = new mysqli(getEnvironmentValue("DB_HOST"), getEnvironmentValue("DB_USERNAME"), getEnvironmentValue("DB_PASSWORD"), getEnvironmentValue("DB_DATABASE"), getEnvironmentValue("DB_PORT"));
@@ -186,7 +209,7 @@ if (isset($_POST['checkPtero'])) {
             die();
         }
 
-        if ($db->query($query1) && $db->query($query2)) {
+        if ($db->query($query1) && $db->query($query2) && $db->query($query3)) {
             header("LOCATION: index.php?step=6");
         } else {
             wh_log($db->error);
diff --git a/public/install/index.php b/public/install/index.php
index 70a7fb18..bc37320a 100644
--- a/public/install/index.php
+++ b/public/install/index.php
@@ -365,13 +365,22 @@ echo $cardheader;
                             </div>
                             <div class="form-group">
                                 <div class="custom-control mb-3">
-                                    <label for="key">Pterodactyl API-Key</label>
+                                    <label for="key">Pterodactyl API-Key (found here: https://your.ptero.com/admin/api)</label>
                                     <input id="key" name="key" type="text"
                                            required
                                            value="" class="form-control"
                                            placeholder="The Key needs ALL read&write Permissions!">
                                 </div>
                             </div>
+                            <div class="form-group">
+                                <div class="custom-control mb-3">
+                                    <label for="clientkey">Pterodactyl Admin-User API-Key (https://your.ptero.com/account/api)</label>
+                                    <input id="clientkey" name="clientkey" type="text"
+                                           required
+                                           value="" class="form-control"
+                                           placeholder="Your Account needs to be an Admin!">
+                                </div>
+                            </div>
 
 
                         </div>