diff --git a/lib/travis/api/app/endpoint.rb b/lib/travis/api/app/endpoint.rb
index 9bee2ff8..77a5abda 100644
--- a/lib/travis/api/app/endpoint.rb
+++ b/lib/travis/api/app/endpoint.rb
@@ -6,7 +6,8 @@ class Travis::Api::App
   class Endpoint < Responder
     set(:prefix) { "/" << name[/[^:]+$/].underscore }
     set disable_root_endpoint: false
-    register :scoping
+    register :scoping, :services
+    helpers :services, :current_user
 
     before { content_type :json }
     error(ActiveRecord::RecordNotFound, Sinatra::NotFound) { not_found }
@@ -14,15 +15,6 @@ class Travis::Api::App
 
     private
 
-      def service(key, user = current_user)
-        const = Travis.services[key] || raise("no service registered for #{key}")
-        const.new(user)
-      end
-
-      def current_user
-        env['travis.access_token'].user if env['travis.access_token']
-      end
-
       def redis
         Thread.current[:redis] ||= ::Redis.connect(url: Travis.config.redis.url)
       end
diff --git a/lib/travis/api/app/extensions/scoping.rb b/lib/travis/api/app/extensions/scoping.rb
index e4094d66..96b76b83 100644
--- a/lib/travis/api/app/extensions/scoping.rb
+++ b/lib/travis/api/app/extensions/scoping.rb
@@ -3,24 +3,6 @@ require 'travis/api/app'
 class Travis::Api::App
   module Extensions
     module Scoping
-      module Helpers
-        def access_token
-          env['travis.access_token']
-        end
-
-        def user
-          access_token.user if logged_in?
-        end
-
-        def logged_in?
-          !!access_token
-        end
-
-        def scopes
-          logged_in? ? access_token.scopes : settings.anonymous_scopes
-        end
-      end
-
       def self.registered(app)
         app.set default_scope: :public, anonymous_scopes: [:public]
         app.helpers(Helpers)
@@ -28,16 +10,16 @@ class Travis::Api::App
 
       def scope(name)
         condition do
-          name = settings.default_scope if name == :default
+          name   = settings.default_scope if name == :default
+          scopes = env['travis.access_token'].try(:scopes) || settings.anonymous_scopes
           headers['X-OAuth-Scopes'] = scopes.map(&:to_s).join(',')
           headers['X-Accepted-OAuth-Scopes'] = name.to_s
 
           if scopes.include? name
             headers['Vary'] = 'Accept'
-            headers['Vary'] << ', Authorization' if scope == :public
-            #cache_control :public, :must_revalidate if request.head? or request.get?
+            headers['Vary'] << ', Authorization' if name == :public
             true
-          elsif logged_in?
+          elsif env['travis.access_token']
             halt 403, "insufficient access"
           else
             halt 401, "no access token supplied"
diff --git a/lib/travis/api/app/extensions/services.rb b/lib/travis/api/app/extensions/services.rb
new file mode 100644
index 00000000..fcc30c0e
--- /dev/null
+++ b/lib/travis/api/app/extensions/services.rb
@@ -0,0 +1,8 @@
+require 'travis/api/app'
+
+class Travis::Api::App
+  module Extensions
+    module Services
+    end
+  end
+end
diff --git a/lib/travis/api/app/helpers/current_user.rb b/lib/travis/api/app/helpers/current_user.rb
new file mode 100644
index 00000000..78dbf273
--- /dev/null
+++ b/lib/travis/api/app/helpers/current_user.rb
@@ -0,0 +1,19 @@
+require 'travis/api/app'
+
+class Travis::Api::App
+  module Helpers
+    module CurrentUser
+      def current_user
+        access_token.user if logged_in?
+      end
+
+      def access_token
+        env['travis.access_token']
+      end
+
+      def logged_in?
+        !!access_token
+      end
+    end
+  end
+end
diff --git a/lib/travis/api/app/helpers/services.rb b/lib/travis/api/app/helpers/services.rb
new file mode 100644
index 00000000..b116323e
--- /dev/null
+++ b/lib/travis/api/app/helpers/services.rb
@@ -0,0 +1,12 @@
+require 'travis/api/app'
+
+class Travis::Api::App
+  module Helpers
+    module Services
+      def service(key, user = current_user)
+        const = Travis.services[key] || raise("no service registered for #{key}")
+        const.new(user)
+      end
+    end
+  end
+end
diff --git a/travis-api.gemspec b/travis-api.gemspec
index ce4d28e4..9d18404f 100644
--- a/travis-api.gemspec
+++ b/travis-api.gemspec
@@ -27,11 +27,13 @@ Gem::Specification.new do |s|
     "Rakefile",
     "config.ru",
     "config/database.yml",
+    "config/newrelic.yml",
     "docs/00_overview.md",
     "docs/01_cross_origin.md",
     "lib/travis/api/app.rb",
     "lib/travis/api/app/access_token.rb",
     "lib/travis/api/app/endpoint.rb",
+    "lib/travis/api/app/endpoint/accounts.rb",
     "lib/travis/api/app/endpoint/artifacts.rb",
     "lib/travis/api/app/endpoint/authorization.rb",
     "lib/travis/api/app/endpoint/branches.rb",
@@ -71,9 +73,9 @@ Gem::Specification.new do |s|
     "lib/travis/api/app/endpoint/home.rb",
     "lib/travis/api/app/endpoint/hooks.rb",
     "lib/travis/api/app/endpoint/jobs.rb",
-    "lib/travis/api/app/endpoint/profile.rb",
     "lib/travis/api/app/endpoint/repositories.rb",
     "lib/travis/api/app/endpoint/stats.rb",
+    "lib/travis/api/app/endpoint/users.rb",
     "lib/travis/api/app/endpoint/workers.rb",
     "lib/travis/api/app/extensions.rb",
     "lib/travis/api/app/extensions/scoping.rb",
@@ -89,6 +91,7 @@ Gem::Specification.new do |s|
     "script/server",
     "spec/app_spec.rb",
     "spec/default_spec.rb",
+    "spec/endpoint/accounts_spec.rb",
     "spec/endpoint/artifacts_spec.rb",
     "spec/endpoint/authorization_spec.rb",
     "spec/endpoint/branches_spec.rb",
@@ -97,8 +100,8 @@ Gem::Specification.new do |s|
     "spec/endpoint/endpoints_spec.rb",
     "spec/endpoint/hooks_spec.rb",
     "spec/endpoint/jobs_spec.rb",
-    "spec/endpoint/profile_spec.rb",
     "spec/endpoint/repositories_spec.rb",
+    "spec/endpoint/users_spec.rb",
     "spec/endpoint/workers_spec.rb",
     "spec/endpoint_spec.rb",
     "spec/extensions/scoping_spec.rb",