diff --git a/common/models/user.js b/common/models/user.js
index 92df8f0ff..27fafa7c4 100644
--- a/common/models/user.js
+++ b/common/models/user.js
@@ -605,7 +605,7 @@ module.exports = function(User) {
         return cb(err);
       }
 
-      user.accessTokens.create({ ttl: ttl }, function(err, accessToken) {
+      user.createAccessToken(ttl, function(err, accessToken) {
         if (err) {
           return cb(err);
         }
diff --git a/test/user.test.js b/test/user.test.js
index 01c42e7fb..18967744f 100644
--- a/test/user.test.js
+++ b/test/user.test.js
@@ -1884,6 +1884,19 @@ describe('User', function() {
         });
       });
 
+      it('calls createAccessToken() to create the token', function(done) {
+        User.prototype.createAccessToken = function(ttl, cb) {
+          cb(null, new AccessToken({id: 'custom-token'}));
+        };
+
+        User.resetPassword({email: options.email}, function() {});
+
+        User.once('resetPasswordRequest', function(info) {
+          expect(info.accessToken.id).to.equal('custom-token');
+          done();
+        });
+      });
+
       it('Password reset over REST rejected without email address', function(done) {
         request(app)
           .post('/test-users/reset')