diff --git a/app/models/protected_branch/push_access_level.rb b/app/models/protected_branch/push_access_level.rb
index 66fe57be25fda05fddcca9bcec83e8372e89e794..c86ca5723fa39f989c70d702597d621c800a36a8 100644
--- a/app/models/protected_branch/push_access_level.rb
+++ b/app/models/protected_branch/push_access_level.rb
@@ -21,6 +21,12 @@ def type
     end
   end
 
+  def humanize
+    return "Deploy key" if deploy_key.present?
+
+    super
+  end
+
   def check_access(user)
     if user && deploy_key.present?
       return user.can?(:read_project, project) && enabled_deploy_key_for_user?(deploy_key, user)
diff --git a/app/models/protected_tag/create_access_level.rb b/app/models/protected_tag/create_access_level.rb
index abb233d3800fd1f31df7d8599b5a9bc9ade76ac7..785e7559212bfbb7dd5d9974dcc0fd807e6f1f60 100644
--- a/app/models/protected_tag/create_access_level.rb
+++ b/app/models/protected_tag/create_access_level.rb
@@ -19,6 +19,12 @@ def type
     end
   end
 
+  def humanize
+    return "Deploy key" if deploy_key.present?
+
+    super
+  end
+
   def check_access(user)
     return false if access_level == Gitlab::Access::NO_ACCESS
 
diff --git a/lib/api/entities/protected_ref_access.rb b/lib/api/entities/protected_ref_access.rb
index ba28c724448671853b5464e320b06ec992db6085..28e0ef540d5aaf70cad376349965fd067fb98af5 100644
--- a/lib/api/entities/protected_ref_access.rb
+++ b/lib/api/entities/protected_ref_access.rb
@@ -9,6 +9,8 @@ class ProtectedRefAccess < Grape::Entity
         documentation: { type: 'string', example: 'Maintainers' } do |protected_ref_access|
           protected_ref_access.humanize
         end
+      expose :deploy_key_id, documentation: { type: 'integer', example: 1 },
+        if: ->(access) { access.has_attribute?(:deploy_key_id) && access.deploy_key_id }
     end
   end
 end
diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb
index 622e57edf6a5ce1ec660af45b6746db448088c92..04d5f7ac20a92a6354683073282c665fb92bf1ce 100644
--- a/spec/requests/api/protected_branches_spec.rb
+++ b/spec/requests/api/protected_branches_spec.rb
@@ -110,6 +110,21 @@
 
         it_behaves_like 'protected branch'
       end
+
+      context 'when a deploy key is present' do
+        let(:deploy_key) do
+          create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)])
+        end
+
+        it 'returns deploy key information' do
+          create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key)
+          get api(route, user)
+
+          expect(json_response['push_access_levels']).to include(
+            a_hash_including('access_level_description' => 'Deploy key', 'deploy_key_id' => deploy_key.id)
+          )
+        end
+      end
     end
 
     context 'when authenticated as a developer' do
diff --git a/spec/requests/api/protected_tags_spec.rb b/spec/requests/api/protected_tags_spec.rb
index 5b128d4ec9e48bacf832795d5a9e322fc9144983..c6398e624f8024342e51eed9e4e91a1316fe62e2 100644
--- a/spec/requests/api/protected_tags_spec.rb
+++ b/spec/requests/api/protected_tags_spec.rb
@@ -84,6 +84,21 @@
 
         it_behaves_like 'protected tag'
       end
+
+      context 'when a deploy key is present' do
+        let(:deploy_key) do
+          create(:deploy_key, deploy_keys_projects: [create(:deploy_keys_project, :write_access, project: project)])
+        end
+
+        it 'returns deploy key information' do
+          create(:protected_tag_create_access_level, protected_tag: protected_tag, deploy_key: deploy_key)
+          get api(route, user)
+
+          expect(json_response['create_access_levels']).to include(
+            a_hash_including('access_level_description' => 'Deploy key', 'deploy_key_id' => deploy_key.id)
+          )
+        end
+      end
     end
 
     context 'when authenticated as a guest' do