diff --git a/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java b/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java
index 7f5568322485399f5b65854febd831d248f2b961..cacf20954b0863f149c2bd2c529cacc9daef6ce5 100644
--- a/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java
+++ b/src/main/java/de/ozgcloud/admin/security/SecurityConfiguration.java
@@ -33,6 +33,7 @@ import org.springframework.security.oauth2.core.oidc.StandardClaimNames;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
 import org.springframework.security.web.SecurityFilterChain;
 
+import de.ozgcloud.admin.common.user.UserRole;
 import lombok.RequiredArgsConstructor;
 
 @Configuration
@@ -54,8 +55,8 @@ public class SecurityConfiguration {
 
 		http.authorizeHttpRequests(requests -> requests
 				.requestMatchers(HttpMethod.GET, "/api/environment").permitAll()
-				.requestMatchers("/api/configuration/settings").hasRole("ADMIN_ADMIN")
-				.requestMatchers("/api/configuration/settings/**").hasRole("ADMIN_ADMIN")
+				.requestMatchers("/api/configuration/settings").hasRole(UserRole.ADMIN_USER)
+				.requestMatchers("/api/configuration/settings/**").hasRole(UserRole.ADMIN_USER)
 				.requestMatchers("/api").authenticated()
 				.requestMatchers("/api/**").authenticated()
 				.requestMatchers("/actuator").permitAll()
diff --git a/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationITCase.java b/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationITCase.java
index e9fb3386f80bf1d210b16ad0ec28daf38295937e..c20d573b6f9804487bf8e26fc4433811f1798726 100644
--- a/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationITCase.java
+++ b/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationITCase.java
@@ -37,6 +37,7 @@ import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
 
+import de.ozgcloud.admin.common.user.UserRole;
 import de.ozgcloud.common.test.DataITCase;
 import lombok.SneakyThrows;
 
@@ -177,7 +178,7 @@ class SecurityConfigurationITCase {
 	class TestWithAdminRole {
 		@Test
 		@SneakyThrows
-		@WithMockUser(roles = "ADMIN_ADMIN")
+		@WithMockUser(roles = UserRole.ADMIN_USER)
 		void shouldAllow() {
 			var result = mockMvc.perform(get("/api/configuration/settings"));
 
diff --git a/src/test/java/de/ozgcloud/admin/settings/SettingsITCase.java b/src/test/java/de/ozgcloud/admin/settings/SettingsITCase.java
index 8b21102c73aaec826c2d6a62d0fd5ab59620556f..b91713a8315b4a800661d9ee4218fa7f6db13fd1 100644
--- a/src/test/java/de/ozgcloud/admin/settings/SettingsITCase.java
+++ b/src/test/java/de/ozgcloud/admin/settings/SettingsITCase.java
@@ -36,12 +36,13 @@ import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
 
+import de.ozgcloud.admin.common.user.UserRole;
 import de.ozgcloud.common.test.DataITCase;
 import lombok.SneakyThrows;
 
 @DataITCase
 @AutoConfigureMockMvc
-@WithMockUser
+@WithMockUser(roles = UserRole.ADMIN_USER)
 class SettingsITCase {
 
 	@Autowired
diff --git a/src/test/java/de/ozgcloud/admin/settings/postfach/PostfachITCase.java b/src/test/java/de/ozgcloud/admin/settings/postfach/PostfachITCase.java
index a00766eebadd1f1b62e1fad29bd46b85ab07ccc6..657c9c50605868b11d28de7b2f856be60b0ed1ac 100644
--- a/src/test/java/de/ozgcloud/admin/settings/postfach/PostfachITCase.java
+++ b/src/test/java/de/ozgcloud/admin/settings/postfach/PostfachITCase.java
@@ -24,6 +24,7 @@ import org.springframework.test.web.servlet.ResultActions;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+import de.ozgcloud.admin.common.user.UserRole;
 import de.ozgcloud.admin.settings.Settings;
 import de.ozgcloud.admin.settings.SettingsBody;
 import de.ozgcloud.admin.settings.SettingsConstants;
@@ -33,7 +34,7 @@ import lombok.SneakyThrows;
 
 @DataITCase
 @AutoConfigureMockMvc
-@WithMockUser
+@WithMockUser(roles = UserRole.ADMIN_USER)
 class PostfachITCase {
 	private static final String POSTFACH_NAME = "Postfach";