diff --git a/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
index 95928beb13..7c95baff67 100644
--- a/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
+++ b/thehive/app/org/thp/thehive/controllers/v1/UserCtrl.scala
@@ -71,12 +71,15 @@ class UserCtrl @Inject() (
 .current
 .richUserWithCustomRenderer(request.organisation, _.organisationWithRole)
 .getOrFail("User")
- .map(user =>
+ .map { user =>
+ val scope =
+ if (user._1.organisation == Organisation.administration.name) "admin"
+ else "organisation"
 Results
 .Ok(user.toJson)
 .withHeaders("X-Organisation" -> request.organisation.toString)
- .withHeaders("X-Permissions" -> user._1.permissions.mkString(","))
- )
+ .withHeaders("X-Permissions" -> (Permissions.forScope(scope) & user._1.permissions).mkString(","))
+ }
 .recover { case _ => Results.Unauthorized.withHeaders("X-Logout" -> "1") }
 }
diff --git a/thehive/app/org/thp/thehive/models/Permissions.scala b/thehive/app/org/thp/thehive/models/Permissions.scala
index f9b9310bcc..d3521dfb6c 100644
--- a/thehive/app/org/thp/thehive/models/Permissions.scala
+++ b/thehive/app/org/thp/thehive/models/Permissions.scala
@@ -42,6 +42,7 @@ object Permissions extends Perms {
 manageOrganisation,
 managePage,
 managePattern,
+ managePlatform,
 manageProcedure,
 manageProfile,
 manageShare,
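Review bot: The scope passed to `Permissions.forScope` in the new `val scope` is a bare string literal (`"admin"` / `"organisation"`) whose valid values live only inside `forScope`, so a misspelled literal still compiles and, depending on what `forScope` returns for an unknown scope (not visible here), would silently strip every permission from `X-Permissions` or none of them. Modelling the scope as a sealed type, or referencing named constants if `Permissions` already defines them, would let the compiler catch that; at minimum the selection deserves a why-comment such as `// advertise only the permissions that apply in this scope (admin vs. organisation)`, assuming the header is a client hint rather than an enforcement point. The scope is derived from `user._1.organisation` while the adjacent `X-Organisation` header reports `request.organisation`; since `richUserWithCustomRenderer` is given `request.organisation` these presumably agree, but it is worth confirming so the header never describes a different organisation than the one it names. The enclosing method starts outside the hunk.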
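Review bot: `managePlatform` is inserted into the permission list here, but nothing in the hunk shows where it is defined or which scope set it belongs to; since the UserCtrl hunk in this same commit now filters `X-Permissions` through `Permissions.forScope`, a permission that is in this list but absent from the relevant scope would be silently omitted from the header, so confirm `managePlatform` is also registered with the scope it is meant for (presumably the administration one). A new permission name also warrants a one-line Scaladoc at its definition stating what it authorises, so reviewers of profiles can judge who should hold it; that definition is outside this hunk. The enclosing `object Permissions` continues outside the hunk.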