Thanks for the patch, this is a very useful feature indeed!
However, I'm wondering whether it is a good idea to let any user with the "administer users" permission view the key authentication tab? Sure, they cannot edit the authentication key without the appropriate permission, but they can still see and potentially disclose or abuse this information.
In my opinion, it would be better to remove the "administer users" permission from the access check in UserKeyAuthForm, so that access is only granted if the user has the appropriate permissions from the key_auth module. If a role who manages users needs to view the key authentication tab, they can simply be assigned an additional role.
reinimax → created an issue.