diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/UiAuthController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/UiAuthController.java
index 1ffcfa6d..6002ae47 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/UiAuthController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/UiAuthController.java
@@ -94,6 +94,7 @@ public class UiAuthController {
             userRepository.upsert(new UserInfo(
                     subject, "local", "", request.username(), Instant.now()));
             rbacService.assignRoleToUser(subject, SystemRole.ADMIN_ID);
+            rbacService.addUserToGroup(subject, SystemRole.ADMINS_GROUP_ID);
         } catch (Exception e) {
             log.warn("Failed to upsert local user to store (login continues): {}", e.getMessage());
         }
diff --git a/cameleer3-server-app/src/main/resources/db/migration/V2__admin_group_seed.sql b/cameleer3-server-app/src/main/resources/db/migration/V2__admin_group_seed.sql
new file mode 100644
index 00000000..6d683dd3
--- /dev/null
+++ b/cameleer3-server-app/src/main/resources/db/migration/V2__admin_group_seed.sql
@@ -0,0 +1,7 @@
+-- Built-in Admins group
+INSERT INTO groups (id, name) VALUES
+    ('00000000-0000-0000-0000-000000000010', 'Admins');
+
+-- Assign ADMIN role to Admins group
+INSERT INTO group_roles (group_id, role_id) VALUES
+    ('00000000-0000-0000-0000-000000000010', '00000000-0000-0000-0000-000000000004');
diff --git a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java
index ac439424..1c176dca 100644
--- a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java
+++ b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/rbac/SystemRole.java
@@ -12,6 +12,8 @@ public final class SystemRole {
     public static final UUID OPERATOR_ID = UUID.fromString("00000000-0000-0000-0000-000000000003");
     public static final UUID ADMIN_ID    = UUID.fromString("00000000-0000-0000-0000-000000000004");
 
+    public static final UUID ADMINS_GROUP_ID = UUID.fromString("00000000-0000-0000-0000-000000000010");
+
     public static final Set<UUID> IDS = Set.of(AGENT_ID, VIEWER_ID, OPERATOR_ID, ADMIN_ID);
 
     public static final Map<String, UUID> BY_NAME = Map.of(