diff --git a/app/controllers/activity_streams/photos_controller.rb b/app/controllers/activity_streams/photos_controller.rb index 1a7a72662..be0d6c07f 100644 --- a/app/controllers/activity_streams/photos_controller.rb +++ b/app/controllers/activity_streams/photos_controller.rb @@ -3,7 +3,8 @@ # the COPYRIGHT file. class ActivityStreams::PhotosController < ApplicationController - before_filter :authenticate_user! + authenticate_with_oauth + before_filter :set_user_from_oauth skip_before_filter :verify_authenticity_token, :only => :create respond_to :json @@ -38,4 +39,10 @@ class ActivityStreams::PhotosController < ApplicationController end respond_with @photo end + def current_user + @user + end + def set_user_from_oauth + @user = request.env['oauth2'].resource_owner + end end diff --git a/app/controllers/apis_controller.rb b/app/controllers/apis_controller.rb index 5ed3ed5df..b43da81fa 100644 --- a/app/controllers/apis_controller.rb +++ b/app/controllers/apis_controller.rb @@ -5,7 +5,11 @@ class ApisController < ApplicationController def me @person = @user.person - render :json => {:birthday => @person.profile.birthday, :name => @person.name} + render :json => { + :birthday => @person.profile.birthday, + :name => @person.name, + :uid => @user.username + } end private diff --git a/app/controllers/authorizations_controller.rb b/app/controllers/authorizations_controller.rb index 3dc991744..c6537953a 100644 --- a/app/controllers/authorizations_controller.rb +++ b/app/controllers/authorizations_controller.rb @@ -6,7 +6,9 @@ class AuthorizationsController < ApplicationController skip_before_filter :verify_authenticity_token, :only => :token def new + @requested_scopes = params["scope"].split(',') @client = oauth2_authorization_request.client + render :layout => "popup" if params[:popup] end def create diff --git a/app/views/authorizations/new.html.haml b/app/views/authorizations/new.html.haml index 4a31aed9b..9023c487b 100644 --- a/app/views/authorizations/new.html.haml 
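Review bot: Nothing visible in the first photos_controller.rb hunk checks that the presented token was granted the `AS_photo:post` scope before `create` runs; the two filters added there only authenticate the token and load its resource owner. Unless `authenticate_with_oauth` (defined outside this diff) already enforces scopes, a token issued for `name` alone would be accepted for posting photos. A scope check in a `before_filter` limited to `:create` would close that gap. The retained `skip_before_filter :verify_authenticity_token` line deserves a comment saying CSRF verification is skipped because the request is authorized by an OAuth token rather than the session cookie. The class body continues outside the hunk.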
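Review bot: `current_user` and `set_user_from_oauth` are added after the last action with no `private` marker in the second photos_controller.rb hunk, so both are public controller methods and can be dispatched as actions by any route that resolves to them. Put `private` above `def current_user`; apis_controller.rb in this same commit already has a `private` section. `set_user_from_oauth` also calls `request.env['oauth2'].resource_owner` without a guard, which raises NoMethodError instead of answering 401 if the middleware has not populated that key; whether `authenticate_with_oauth` rules this out is not visible here. The `current_user` override should carry a one-line comment saying the session user is deliberately replaced by the token's resource owner.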
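Review bot: `me` in apis_controller.rb returns `birthday`, `name` and the new `uid` in one payload without consulting the token's granted scopes, at least in the lines shown. The filter that sets `@user` is outside this hunk, so confirm that this action is limited to tokens carrying the `name` scope. The consent page describes that scope as name, profile photo and other basic profile information, so decide explicitly whether a birthday belongs in it. For `uid`, a bare `username` is unique only within one pod; if clients key accounts on it, `@user.diaspora_handle` or a stable internal id would be the safer identifier.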
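Review bot: `params["scope"].split(',')` in `AuthorizationsController#new` raises NoMethodError when the request has no `scope` parameter, so a malformed authorization URL yields a 500 instead of a handled error; `@requested_scopes = params[:scope].to_s.split(',')` avoids that. The list shown to the user is also read from the raw query string rather than from the validated `oauth2_authorization_request`, so the consent text can drift from what the grant actually covers. If the request object exposes the scope, build the list from it instead. Values that are not on a known-scope list should be rejected here rather than handed to the view.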
+++ b/app/views/authorizations/new.html.haml @@ -1,27 +1,45 @@ +#popup-contents + %h4 + = "#{@client.name} is requesting access to your account" -%br -%br + #popup-content-left + %ul#requested-scopes + - @requested_scopes.each do |scope| + - if scope == "name" + %li + .scope-photo + = owner_image_tag -.prepend-4 - .floating.span-15 - .span-3.append-1 - = image_tag(@client.icon_url, :id => 'client-application-image') + %strong + Basic Info + %br + Cubbies will be able to see your name, profile photo, and other basic profile information. - .span-10 - = form_for :authorization, - :url => oauth_authorize_path(params.slice(:redirect_uri, :client_id, :client_secret)) do |form| + - elsif scope = "AS_photo:post" + %li + .scope-photo + = image_tag('/images/icons/photo.svg') - %h1 - = "Authorize #{@client.name}?" + %strong + Your Photos + %br + Cubbies will be able to post photos on your behalf - .description - = @client.description - %p - = "You are currently logged in as #{current_user.name}(#{current_user.diaspora_handle})." - = link_to("Not You?", destroy_user_session_path) - %br - %p - = form.submit "Fuck Yeah!", :value => "Yes" - = form.submit "Hell No.", :value => "No" + + = form_for :authorization, + :url => oauth_authorize_path(params.slice(:redirect_uri, :client_id, :client_secret)) do |form| + %br + %p + = form.submit "Fuck Yeah!", :value => "Authorize", :class => 'button' + = form.submit "Hell No.", :value => "No", :class => 'button' + + + #popup-content-right + = image_tag(@client.icon_url, :id => 'client-application-image') + %br + %strong + = @client.name + .description + = @client.description diff --git a/app/views/layouts/popup.html.haml b/app/views/layouts/popup.html.haml new file mode 100644 index 000000000..aa207839c --- /dev/null +++ b/app/views/layouts/popup.html.haml 
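Review bot: `- elsif scope = "AS_photo:post"` assigns instead of comparing, so the branch is always taken and every requested scope other than `name` is presented to the user as "Your Photos". It should read `- elsif scope == "AS_photo:post"`, followed by an `- else` branch that prints unrecognised scopes verbatim so that nothing is granted unseen. The two descriptions hard-code "Cubbies" although the heading uses `@client.name`; interpolate the client name there too, otherwise every other application's consent screen names the wrong party. The form action still passes `:client_secret` through `params.slice`, which puts the secret in a URL handled by the browser; the authorization step should not normally need it.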
@@ -0,0 +1,73 @@ +-# Copyright (c) 2010, Diaspora Inc. This file is +-# licensed under the Affero General Public License version 3 or later. See +-# the COPYRIGHT file. + +!!! +%html{:lang => I18n.locale.to_s, :dir => (rtl?) ? 'rtl' : 'ltr'} + %head + %meta{:charset => 'utf-8'} + + %title + = page_title yield(:page_title) + + %meta{'http-equiv' => 'X-UA-Compatible', :content => 'IE=edge,chrome=1'} + + %meta{"http-equiv"=>"Content-Type", :content=>"text/html; charset=utf-8"}/ + + %link{:rel => 'shortcut icon', :href => '/favicon.png'} + %link{:rel => 'apple-touch-icon', :href => '/apple-touch-icon.png'} + + / Social Media Icons are by Paul Robert Lloyd @ http://paulrobertlloyd.com/2009/06/social_media_icons + = stylesheet_link_tag "login", :media => 'screen' + + = stylesheet_link_tag "blueprint/screen", :media => 'screen' + = stylesheet_link_tag "blueprint/print", :media => 'print' + = include_stylesheets :popup, :media => 'all' + + - if rtl? + = include_stylesheets :rtl, :media => 'all' + + + + = include_javascripts :jquery + :javascript + !window.jQuery && document.write(unescape('%3Cscript src="//ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js"%3E%3C/script%3E')) + + = csrf_meta_tag + + -if AppConfig[:google_a_site] + :javascript + var _gaq = _gaq || []; + _gaq.push(['_setAccount', '#{AppConfig[:google_a_site]}']); + _gaq.push(['_trackPageview']); + + (function() { + var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; + ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; + var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); + })(); + + -if AppConfig[:piwik_id] + :javascript + var pkBaseURL = (("https:" == document.location.protocol) ? 
"https://#{AppConfig[:piwik_url]}/" : "http://#{AppConfig[:piwik_url]}/"); + document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E")); + :javascript + try { + var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", #{AppConfig[:piwik_id]}); + piwikTracker.trackPageView(); + piwikTracker.enableLinkTracking(); + } catch( err ) {} + + + %body{:class => "#{yield(:body_class)}"} + %header + = image_tag('asterisk_white.png', :height => 25, :width => 25, :id => 'asterisk') + Grant Account Access + + = yield + + %footer + = "logged in as #{current_user.name}" + diff --git a/config/assets.yml b/config/assets.yml index e18c138ec..d97e78959 100644 --- a/config/assets.yml +++ b/config/assets.yml @@ -86,6 +86,12 @@ stylesheets: - public/stylesheets/vendor/fileuploader.css - public/stylesheets/vendor/tipsy.css - public/stylesheets/vendor/autoSuggest.css + + popup: + - public/stylesheets/application.css + - public/stylesheets/popup.css + - public/stylesheets/ui.css + rtl: - public/stylesheets/rtl.css diff --git a/public/images/asterisk.png b/public/images/asterisk.png index 9e181f5f3..140ede770 100644 Binary files a/public/images/asterisk.png and b/public/images/asterisk.png differ diff --git a/public/images/asterisk_white.png b/public/images/asterisk_white.png new file mode 100644 index 000000000..308299ecf Binary files /dev/null and b/public/images/asterisk_white.png differ diff --git a/public/images/icons/photo.svg b/public/images/icons/photo.svg new file mode 100644 index 000000000..554f63217 --- /dev/null +++ b/public/images/icons/photo.svg @@ -0,0 +1,14 @@ + + + + + + + + diff --git a/public/stylesheets/sass/popup.scss b/public/stylesheets/sass/popup.scss new file mode 100644 index 000000000..86c84da0b --- /dev/null +++ b/public/stylesheets/sass/popup.scss 
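Review bot: The new popup layout loads script from third-party origins on the very page where the user presses Authorize: the `document.write` jQuery fallback from ajax.googleapis.com, plus the Google Analytics and Piwik snippets. Any of those origins can read or drive the consent page, so this layout should load only locally served assets (`include_javascripts :jquery`) and drop the trackers. `#{AppConfig[:piwik_id]}` and `#{AppConfig[:piwik_url]}` are interpolated into inline JavaScript unescaped, which is acceptable only while the configuration is trusted. Nothing in this diff stops the prompt from being framed by another site, so confirm the response sends an anti-framing header such as `X-Frame-Options: DENY`. The footer's `current_user.name` will raise if the page is rendered without a signed-in user.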
@@ -0,0 +1,85 @@
+// Copyright (c) 2010, Diaspora Inc. This file is
+// licensed under the Affero General Public License version 3 or later. See
+// the COPYRIGHT file.
+
+@import "mixins";
+
+
+body, html, header, footer, ul{
+ padding: 0;
+ margin: 0;
+}
+
+header,
+footer{
+ width: 100%;
+}
+
+header{
+ position: relative;
+ font-size: 14px;
+ font-weight: bold;
+ color: #fff;
+ vertical-align: top;
+ margin-bottom: 20px;
+
+ #asterisk{
+ margin-right: 3px;
+ }
+}
+
+footer{
+ position: absolute;
+ background-color: #eee;
+ border-top: 1px solid #ccc;
+ bottom: 0;
+ left: 0;
+}
+
+#popup-contents{
+ width: 700px;
+ text-align:center;
+}
+
+#popup-content-left,
+#popup-content-right{
+ text-align: left;
+ display: inline-block;
+ vertical-align: top;
+ padding: 20px;
+}
+
+#popup-content-left{
+ width: 400px;
+}
+
+#popup-content-right{
+ width: 200px;
+ border-left: 3px solid #555;
+ text-align: center;
+}
+
+ul#requested-scopes{
+ padding-left: 20px;
+ margin-top: 5px;
+
+ li{
+ position: relative;
+ padding: 5px;
+ padding-left: 50px;
+ min-height: 40px;
+ margin-bottom: 15px;
+ }
+
+ .scope-photo{
+ height: 35px;
+ width: 35px;
+ left: 0;
+ position: absolute;
+
+ *{
+ max-height: 100%;
+ max-width: 100%;
+ }
+ }
+}