diff --git a/soroban-env-host/src/native_contract/token/contract.rs b/soroban-env-host/src/native_contract/token/contract.rs
index 68daac4db..4e35c9fde 100644
--- a/soroban-env-host/src/native_contract/token/contract.rs
+++ b/soroban-env-host/src/native_contract/token/contract.rs
@@ -72,6 +72,8 @@ pub trait TokenTrait {
 
     fn set_admin(e: &Host, new_admin: Address) -> Result<(), HostError>;
 
+    fn admin(e: &Host) -> Result<Address, HostError>;
+
     fn decimals(e: &Host) -> Result<u32, HostError>;
 
     fn name(e: &Host) -> Result<String, HostError>;
@@ -329,6 +331,10 @@ impl TokenTrait for Token {
         Ok(())
     }
 
+    fn admin(e: &Host) -> Result<Address, HostError> {
+        read_administrator(e)
+    }
+
     fn decimals(_e: &Host) -> Result<u32, HostError> {
         // no need to load metadata since this is fixed for all SAC tokens
         Ok(DECIMAL)
diff --git a/soroban-env-host/src/native_contract/token/test_token.rs b/soroban-env-host/src/native_contract/token/test_token.rs
index b84eab272..4902dbcb4 100644
--- a/soroban-env-host/src/native_contract/token/test_token.rs
+++ b/soroban-env-host/src/native_contract/token/test_token.rs
@@ -210,6 +210,16 @@ impl<'a> TestToken<'a> {
         self.call_with_single_signer(admin, "set_admin", host_vec![self.host, new_admin])
     }
 
+    pub(crate) fn admin(&self) -> Result<Address, HostError> {
+        self.host
+            .call(
+                self.address.clone().into(),
+                Symbol::try_from_val(self.host, &"admin")?,
+                host_vec![self.host].into(),
+            )?
+            .try_into_val(self.host)
+    }
+
     pub(crate) fn decimals(&self) -> Result<u32, HostError> {
         Ok(self
             .host
diff --git a/soroban-env-host/src/test/token.rs b/soroban-env-host/src/test/token.rs
index 63966fa6d..2f6c70d62 100644
--- a/soroban-env-host/src/test/token.rs
+++ b/soroban-env-host/src/test/token.rs
@@ -338,6 +338,7 @@ fn test_native_token_smart_roundtrip() {
 
     // Also can't set a new admin (and there is no admin in the first place).
     assert!(token.set_admin(&user, user.address(&test.host)).is_err());
+    assert!(token.admin().is_err());
 
     assert_eq!(test.get_native_balance(&account_id), 100_000_000);
     assert_eq!(
@@ -1166,11 +1167,21 @@ fn test_set_admin() {
     test.create_default_account(&user);
     test.create_default_trustline(&user);
 
+    assert_eq!(
+        token.admin().unwrap().to_sc_address().unwrap(),
+        admin.address(&test.host).to_sc_address().unwrap()
+    );
+
     // Give admin rights to the new admin.
     token
         .set_admin(&admin, new_admin.address(&test.host))
         .unwrap();
 
+    assert_eq!(
+        token.admin().unwrap().to_sc_address().unwrap(),
+        new_admin.address(&test.host).to_sc_address().unwrap()
+    );
+
     // Make sure admin functions are unavailable to the old admin.
     assert_eq!(
         token