diff --git a/ScalliGraph b/ScalliGraph
index 832f8c8e21..941ee3526b 160000
--- a/ScalliGraph
+++ b/ScalliGraph
@@ -1 +1 @@
-Subproject commit 832f8c8e210ac5dfb83be941e00f209b8a06ef53
+Subproject commit 941ee3526bc3bb8cf808954b5a2ab716322e9dc3
diff --git a/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
index 21fa8dbc1e..5a1c9ca06b 100644
--- a/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
+++ b/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
@@ -68,7 +68,12 @@ class UserCtrl @Inject() (
           .current
           .richUserWithCustomRenderer(request.organisation, _.organisationWithRole.map(_.asScala.toSeq))
           .getOrFail("User")
-          .map(user => Results.Ok(user.toJson).withHeaders("X-Organisation" -> request.organisation))
+          .map(user =>
+            Results
+              .Ok(user.toJson)
+              .withHeaders("X-Organisation" -> request.organisation)
+              .withHeaders("X-Permissions" -> user._1.permissions.mkString(","))
+          )
       }
 
   def create: Action[AnyContent] =
diff --git a/thehive/app/org/thp/thehive/services/LocalUserSrv.scala b/thehive/app/org/thp/thehive/services/LocalUserSrv.scala
index 890b1ac244..d01214cf27 100644
--- a/thehive/app/org/thp/thehive/services/LocalUserSrv.scala
+++ b/thehive/app/org/thp/thehive/services/LocalUserSrv.scala
@@ -37,7 +37,7 @@ class LocalUserSrv @Inject() (
               userSteps
                 .getAuthContext(requestId, Organisation.administration.name)
                 .headOption()
-                .map(_.changeOrganisation(org))
+                .map(authContext => authContext.changeOrganisation(org, authContext.permissions))
             }
           }
           .fold[Try[AuthContext]](Failure(AuthenticationError("Authentication failure")))(Success.apply)