diff --git a/umap/static/umap/js/umap.js b/umap/static/umap/js/umap.js
index a5792c07..2faaa658 100644
--- a/umap/static/umap/js/umap.js
+++ b/umap/static/umap/js/umap.js
@@ -1063,10 +1063,8 @@ U.Map = L.Map.extend({
       window.open(data.login_required)
       return
     }
-    if (data.user?.id) {
-      this.options.user = data.user
-      this.renderEditToolbar()
-    }
+    this.options.user = data.user
+    this.renderEditToolbar()
     if (!this.options.umap_id) {
       this.options.umap_id = data.id
       this.permissions.setOptions(data.permissions)
diff --git a/umap/tests/integration/test_anonymous_owned_map.py b/umap/tests/integration/test_anonymous_owned_map.py
index c406e189..69d7e1b5 100644
--- a/umap/tests/integration/test_anonymous_owned_map.py
+++ b/umap/tests/integration/test_anonymous_owned_map.py
@@ -156,6 +156,7 @@ def test_can_change_perms_after_create(tilelayer, live_server, page):
         ".datalayer-permissions select[name='edit_status'] option:checked"
     )
     expect(option).to_have_text("Inherit")
+    expect(page.get_by_label("Secret edit link:")).to_be_visible()
 
 
 def test_alert_message_after_create(
diff --git a/umap/tests/test_map_views.py b/umap/tests/test_map_views.py
index 03c1adee..8aa9947b 100644
--- a/umap/tests/test_map_views.py
+++ b/umap/tests/test_map_views.py
@@ -368,6 +368,7 @@ def test_anonymous_create(cookieclient, post_data):
     assert (
         created_map.get_anonymous_edit_url() in j["permissions"]["anonymous_edit_url"]
     )
+    assert j["user"]["is_owner"] is True
     assert created_map.name == name
     key, value = created_map.signed_cookie_elements
     assert key in cookieclient.cookies
diff --git a/umap/views.py b/umap/views.py
index a85d4b7a..3091bf1c 100644
--- a/umap/views.py
+++ b/umap/views.py
@@ -863,15 +863,17 @@ class MapCreate(FormLessEditMixin, PermissionsMixin, SessionMixin, CreateView):
             form.instance.owner = self.request.user
         self.object = form.save()
         permissions = self.get_permissions()
+        user_data = self.get_user_data()
         # User does not have the cookie yet.
         if not self.object.owner:
             anonymous_url = self.object.get_anonymous_edit_url()
             permissions["anonymous_edit_url"] = anonymous_url
+            user_data["is_owner"] = True
         response = simple_json_response(
             id=self.object.pk,
             url=self.object.get_absolute_url(),
             permissions=permissions,
-            user=self.get_user_data(),
+            user=user_data,
         )
         if not self.request.user.is_authenticated:
             key, value = self.object.signed_cookie_elements