diff --git a/modules/structs/user_key.go b/modules/structs/user_key.go
index b92552b200..a984a813f3 100644
--- a/modules/structs/user_key.go
+++ b/modules/structs/user_key.go
@@ -19,4 +19,7 @@ type PublicKey struct {
 	Owner    *User     `json:"user,omitempty"`
 	ReadOnly bool      `json:"read_only,omitempty"`
 	KeyType  string    `json:"key_type,omitempty"`
+	// swagger:strfmt date-time
+	Updated  time.Time `json:"updated_at,omitzero"`
+	Verified bool      `json:"verified"`
 }
diff --git a/services/convert/convert.go b/services/convert/convert.go
index 1f52511188..49949ac0e0 100644
--- a/services/convert/convert.go
+++ b/services/convert/convert.go
@@ -259,6 +259,8 @@ func ToPublicKey(apiLink string, key *asymkey_model.PublicKey) *api.PublicKey {
 		Title:       key.Name,
 		Fingerprint: key.Fingerprint,
 		Created:     key.CreatedUnix.AsTime(),
+		Updated:     key.UpdatedUnix.AsTime(),
+		Verified:    key.Verified,
 	}
 }
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 66a1f01515..e70ed513fb 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -28498,12 +28498,21 @@
           "type": "string",
           "x-go-name": "Title"
         },
+        "updated_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Updated"
+        },
         "url": {
           "type": "string",
           "x-go-name": "URL"
         },
         "user": {
           "$ref": "#/definitions/User"
+        },
+        "verified": {
+          "type": "boolean",
+          "x-go-name": "Verified"
         }
       },
       "x-go-package": "forgejo.org/modules/structs"
diff --git a/tests/integration/api_keys_test.go b/tests/integration/api_keys_test.go
index a6f0fbe69b..036896b663 100644
--- a/tests/integration/api_keys_test.go
+++ b/tests/integration/api_keys_test.go
@@ -144,11 +144,11 @@ func TestCreateUserKey(t *testing.T) {
 	})
 
 	// Search by fingerprint
+	var fingerprintPublicKeys []api.PublicKey
 	req = NewRequest(t, "GET", fmt.Sprintf("/api/v1/user/keys?fingerprint=%s", newPublicKey.Fingerprint)).
 		AddTokenAuth(token)
 	resp = MakeRequest(t, req, http.StatusOK)
 
-	var fingerprintPublicKeys []api.PublicKey
 	DecodeJSON(t, resp, &fingerprintPublicKeys)
 	assert.Equal(t, newPublicKey.Fingerprint, fingerprintPublicKeys[0].Fingerprint)
 	assert.Equal(t, newPublicKey.ID, fingerprintPublicKeys[0].ID)
@@ -210,4 +210,21 @@ func TestCreateUserKey(t *testing.T) {
 
 	DecodeJSON(t, resp, &fingerprintPublicKeys)
 	assert.Empty(t, fingerprintPublicKeys)
+
+	// -------------
+
+	// Key is initially unverified
+	var respPublicKeys []api.PublicKey
+	req = NewRequestWithJSON(t, "GET", "/api/v1/user/keys", rawKeyBody).
+		AddTokenAuth(token)
+	resp = MakeRequest(t, req, http.StatusOK)
+	DecodeJSON(t, resp, &respPublicKeys)
+	assert.False(t, respPublicKeys[0].Verified)
+	assert.Equal(t, respPublicKeys[0].Created, newPublicKey.Updated)
+
+	// Ideally we would flip the verified bit here, but this currently would require:
+	// a) (i) having the private key to hand to generate a signature AND (ii) hitting the web UI (no API to verify)
+	// OR
+	// b) or adding code to flip the bool in the db. This requires bypassing the current
+	// cryptographic validation guarding that update), which weakens the codebase doesn't add much value.
 }