diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
index f2c579b0..b0d81fd4 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
@@ -11,8 +11,6 @@ import com.cameleer3.server.app.security.BootstrapTokenValidator;
 import com.cameleer3.server.core.agent.AgentInfo;
 import com.cameleer3.server.core.agent.AgentRegistryService;
 import com.cameleer3.server.core.agent.AgentState;
-import com.cameleer3.server.core.rbac.RbacService;
-import com.cameleer3.server.core.rbac.SystemRole;
 import com.cameleer3.server.core.security.Ed25519SigningService;
 import com.cameleer3.server.core.security.InvalidTokenException;
 import com.cameleer3.server.core.security.JwtService;
@@ -52,20 +50,17 @@ public class AgentRegistrationController {
     private final BootstrapTokenValidator bootstrapTokenValidator;
     private final JwtService jwtService;
     private final Ed25519SigningService ed25519SigningService;
-    private final RbacService rbacService;
 
     public AgentRegistrationController(AgentRegistryService registryService,
                                         AgentRegistryConfig config,
                                         BootstrapTokenValidator bootstrapTokenValidator,
                                         JwtService jwtService,
-                                        Ed25519SigningService ed25519SigningService,
-                                        RbacService rbacService) {
+                                        Ed25519SigningService ed25519SigningService) {
         this.registryService = registryService;
         this.config = config;
         this.bootstrapTokenValidator = bootstrapTokenValidator;
         this.jwtService = jwtService;
         this.ed25519SigningService = ed25519SigningService;
-        this.rbacService = rbacService;
     }
 
     @PostMapping("/register")
@@ -102,9 +97,6 @@ public class AgentRegistrationController {
                 request.agentId(), request.name(), group, request.version(), routeIds, capabilities);
         log.info("Agent registered: {} (name={}, group={})", request.agentId(), request.name(), group);
 
-        // Assign AGENT role via RBAC
-        rbacService.assignRoleToUser(request.agentId(), SystemRole.AGENT_ID);
-
         // Issue JWT tokens with AGENT role
         List<String> roles = List.of("AGENT");
         String accessToken = jwtService.createAccessToken(request.agentId(), group, roles);