diff --git a/netbox/users/api/urls.py b/netbox/users/api/urls.py
index 4176cc806..df2e8c25a 100644
--- a/netbox/users/api/urls.py
+++ b/netbox/users/api/urls.py
@@ -12,5 +12,8 @@ router.register('groups', views.GroupViewSet)
 # Permissions
 router.register('permissions', views.ObjectPermissionViewSet)
 
+# User preferences
+router.register('config', views.UserConfigViewSet, basename='userconfig')
+
 app_name = 'users-api'
 urlpatterns = router.urls
diff --git a/netbox/users/api/views.py b/netbox/users/api/views.py
index b799bee19..ef6e94fff 100644
--- a/netbox/users/api/views.py
+++ b/netbox/users/api/views.py
@@ -1,10 +1,15 @@
+from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import Group, User
 from django.db.models import Count
+from django.utils.decorators import method_decorator
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
 from rest_framework.routers import APIRootView
+from rest_framework.viewsets import ViewSet
 
 from netbox.api.views import ModelViewSet
 from users import filters
-from users.models import ObjectPermission
+from users.models import ObjectPermission, UserConfig
 from utilities.querysets import RestrictedQuerySet
 from . import serializers
 
@@ -41,3 +46,36 @@ class ObjectPermissionViewSet(ModelViewSet):
     queryset = ObjectPermission.objects.prefetch_related('object_types', 'groups', 'users')
     serializer_class = serializers.ObjectPermissionSerializer
     filterset_class = filters.ObjectPermissionFilterSet
+
+
+#
+# User preferences
+#
+
+class UserConfigViewSet(ViewSet):
+    """
+    An API endpoint via which a user can update his or her own UserConfig data (but no one else's).
+    """
+    permission_classes = [IsAuthenticated]
+
+    def get_queryset(self):
+        return UserConfig.objects.filter(user=self.request.user)
+
+    def list(self, request):
+        """
+        Return the UserConfig for the currently authenticated User.
+        """
+        userconfig = self.get_queryset().first()
+
+        return Response(userconfig.data)
+
+    def patch(self, request):
+        """
+        Update the UserConfig for the currently authenticated User.
+        """
+        # TODO: How can we validate this data?
+        userconfig = self.get_queryset().first()
+        userconfig.data.update(request.data)
+        userconfig.save()
+
+        return Response(userconfig.data)