diff --git a/lemarche/users/admin.py b/lemarche/users/admin.py
index 9f9f71343..68d221e6f 100644
--- a/lemarche/users/admin.py
+++ b/lemarche/users/admin.py
@@ -258,7 +258,7 @@ class UserAdmin(FieldsetsInlineMixin, UserAdmin):
                 )
             },
         ),
-        ("API", {"fields": ("api_key", "api_key_last_updated")}),
+        ("API", {"fields": ("api_key", "old_api_keys", "api_key_last_updated")}),
         (
             "Permissions",
             {"classes": ["collapse"], "fields": ("is_active", "is_staff", "is_superuser", "groups")},
diff --git a/lemarche/users/migrations/0040_user_old_api_keys.py b/lemarche/users/migrations/0040_user_old_api_keys.py
new file mode 100644
index 000000000..ae4e39e3f
--- /dev/null
+++ b/lemarche/users/migrations/0040_user_old_api_keys.py
@@ -0,0 +1,17 @@
+# Generated by Django 4.2.15 on 2024-11-20 14:18
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("users", "0039_remove_user_user_email_ci_uniqueness_and_more"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="user",
+            name="old_api_keys",
+            field=models.JSONField(blank=True, default=list, verbose_name="Anciennes clés API"),
+        ),
+    ]
diff --git a/lemarche/users/models.py b/lemarche/users/models.py
index 6cbdb843b..61558166d 100644
--- a/lemarche/users/models.py
+++ b/lemarche/users/models.py
@@ -5,7 +5,7 @@
 from django.db import models
 from django.db.models import Count
 from django.db.models.functions import Greatest, Lower
-from django.db.models.signals import post_save
+from django.db.models.signals import post_save, pre_save
 from django.dispatch import receiver
 from django.forms.models import model_to_dict
 from django.utils import timezone
@@ -231,6 +231,7 @@ class User(AbstractUser):
     )
 
     api_key = models.CharField(verbose_name="Clé API", max_length=128, unique=True, blank=True, null=True)
+    old_api_keys = models.JSONField(verbose_name="Anciennes clés API", blank=True, default=list)
     api_key_last_updated = models.DateTimeField(
         verbose_name="Date de dernière mise à jour de la clé API", blank=True, null=True
     )
@@ -410,6 +411,24 @@ def tender_siae_unread_count(self):
         return Tender.objects.unread(self).count()
 
 
+@receiver(pre_save, sender=User)
+def update_old_api_keys(sender, instance, **kwargs):
+    """
+    Before saving a user, add the old value of `api_key` to `old_api_keys`
+    if `api_key` has been modified.
+    """
+    if instance.pk:  # Check if the user already exists (not a new creation)
+        try:
+            old_instance = sender.objects.get(pk=instance.pk)
+            if old_instance.api_key != instance.api_key and old_instance.api_key:
+                # Add the old key to the list of old keys
+                if instance.old_api_keys is None:
+                    instance.old_api_keys = list()
+                instance.old_api_keys.append(old_instance.api_key)
+        except sender.DoesNotExist:
+            pass  # The user does not exist yet
+
+
 @receiver(post_save, sender=User)
 def user_post_save(sender, instance, **kwargs):
     if settings.BITOUBI_ENV == "prod":