diff --git a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java
index d7407c26..a7d500c6 100644
--- a/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java
+++ b/cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/OidcConfigAdminController.java
@@ -98,7 +98,7 @@ public class OidcConfigAdminController {
                 request.issuerUri() != null ? request.issuerUri() : "",
                 request.clientId() != null ? request.clientId() : "",
                 clientSecret,
-                request.rolesClaim() != null ? request.rolesClaim() : "realm_access.roles",
+                request.rolesClaim() != null ? request.rolesClaim() : "roles",
                 request.defaultRoles() != null ? request.defaultRoles() : List.of("VIEWER"),
                 request.autoSignup(),
                 request.displayNameClaim() != null ? request.displayNameClaim() : "name"
diff --git a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/OidcConfig.java b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/OidcConfig.java
index 0c7654f6..cbcc2888 100644
--- a/cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/OidcConfig.java
+++ b/cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/OidcConfig.java
@@ -25,6 +25,6 @@ public record OidcConfig(
         String displayNameClaim
 ) {
     public static OidcConfig disabled() {
-        return new OidcConfig(false, "", "", "", "realm_access.roles", List.of("VIEWER"), true, "name");
+        return new OidcConfig(false, "", "", "", "roles", List.of("VIEWER"), true, "name");
     }
 }