diff --git a/services/web/server/src/simcore_service_webserver/security/_authz_access_roles.py b/services/web/server/src/simcore_service_webserver/security/_authz_access_roles.py
index 97c511c7ad7..0bd7e6a75eb 100644
--- a/services/web/server/src/simcore_service_webserver/security/_authz_access_roles.py
+++ b/services/web/server/src/simcore_service_webserver/security/_authz_access_roles.py
@@ -104,7 +104,7 @@ class PermissionDict(TypedDict, total=False):
         can=[
             "product.details.*",
             "product.invitations.create",
-            "user.admin.read",
+            "admin.users.read",
         ],
         inherits=[UserRole.TESTER],
     ),
diff --git a/services/web/server/src/simcore_service_webserver/users/_users_rest.py b/services/web/server/src/simcore_service_webserver/users/_users_rest.py
index fb0bbd07c5d..688b024b40a 100644
--- a/services/web/server/src/simcore_service_webserver/users/_users_rest.py
+++ b/services/web/server/src/simcore_service_webserver/users/_users_rest.py
@@ -166,7 +166,7 @@ async def search_users(request: web.Request) -> web.Response:
 
 @routes.get(f"/{API_VTAG}/admin/users:search", name="search_users_for_admin")
 @login_required
-@permission_required("user.admin.read")
+@permission_required("admin.users.read")
 @_handle_users_exceptions
 async def search_users_for_admin(request: web.Request) -> web.Response:
     req_ctx = UsersRequestContext.model_validate(request)
@@ -189,7 +189,7 @@ async def search_users_for_admin(request: web.Request) -> web.Response:
     f"/{API_VTAG}/admin/users:pre-register", name="pre_register_user_for_admin"
 )
 @login_required
-@permission_required("user.admin.read")
+@permission_required("admin.users.read")
 @_handle_users_exceptions
 async def pre_register_user_for_admin(request: web.Request) -> web.Response:
     req_ctx = UsersRequestContext.model_validate(request)