diff --git a/cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java b/cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java
index 97df1b83..bafe8d0a 100644
--- a/cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java
+++ b/cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java
@@ -45,21 +45,22 @@ public class TestSecurityHelper {
      * Returns a valid JWT access token with OPERATOR role.
      */
     public String operatorToken() {
-        return jwtService.createAccessToken("test-operator", "user", List.of("OPERATOR"));
+        // Subject must start with "user:" for JwtAuthenticationFilter to treat it as a UI user token
+        return jwtService.createAccessToken("user:test-operator", "user", List.of("OPERATOR"));
     }
 
     /**
      * Returns a valid JWT access token with ADMIN role.
      */
     public String adminToken() {
-        return jwtService.createAccessToken("test-admin", "user", List.of("ADMIN"));
+        return jwtService.createAccessToken("user:test-admin", "user", List.of("ADMIN"));
     }
 
     /**
      * Returns a valid JWT access token with VIEWER role.
      */
     public String viewerToken() {
-        return jwtService.createAccessToken("test-viewer", "user", List.of("VIEWER"));
+        return jwtService.createAccessToken("user:test-viewer", "user", List.of("VIEWER"));
     }
 
     /**