diff --git a/roles/web-app-lam/config/main.yml b/roles/web-app-lam/config/main.yml
index 4d5a775a..e56c83fb 100644
--- a/roles/web-app-lam/config/main.yml
+++ b/roles/web-app-lam/config/main.yml
@@ -4,7 +4,7 @@ oauth2_proxy:
   application:                  application
   port:                         80
   allowed_groups:
-    - "web-app-lam-administrator"
+    - "/roles/web-app-lam-administrator"
 features:
   matomo:                       true
   css:                          true
diff --git a/roles/web-app-pgadmin/config/main.yml b/roles/web-app-pgadmin/config/main.yml
index 2ac05869..202675eb 100644
--- a/roles/web-app-pgadmin/config/main.yml
+++ b/roles/web-app-pgadmin/config/main.yml
@@ -5,7 +5,7 @@ oauth2_proxy:
   application:            "application"
   port:                   "80"
   allowed_groups:
-    - "web-app-pgadmin-administrator"
+    - "/roles/web-app-pgadmin-administrator"
 features:
   matomo:                 true
   css:                    true
diff --git a/roles/web-app-phpldapadmin/config/main.yml b/roles/web-app-phpldapadmin/config/main.yml
index 77f88cef..50fc12cb 100644
--- a/roles/web-app-phpldapadmin/config/main.yml
+++ b/roles/web-app-phpldapadmin/config/main.yml
@@ -3,7 +3,7 @@ oauth2_proxy:
   application:        application  # Needs to be the same as webinterface
   port:               8080         # application port
   allowed_groups:
-    - "web-app-phpldapadmin-administrator"
+    - "/roles/web-app-phpldapadmin-administrator"
 features:
   matomo:             true
   css:                true
diff --git a/roles/web-app-phpmyadmin/config/main.yml b/roles/web-app-phpmyadmin/config/main.yml
index 9e2dfc28..022f7bf4 100644
--- a/roles/web-app-phpmyadmin/config/main.yml
+++ b/roles/web-app-phpmyadmin/config/main.yml
@@ -3,7 +3,7 @@ oauth2_proxy:
   port:               "80"
   application:        "application"
   allowed_groups:
-    - "web-app-phpmyadmin-administrator"
+    - "/roles/web-app-phpmyadmin-administrator"
 features:
   matomo:             true
   css:                false
diff --git a/roles/web-app-yourls/config/main.yml b/roles/web-app-yourls/config/main.yml
index 2abeb5fa..e5b0fe4f 100644
--- a/roles/web-app-yourls/config/main.yml
+++ b/roles/web-app-yourls/config/main.yml
@@ -2,7 +2,7 @@ oauth2_proxy:
   application:        "application"
   port:               "80"
   allowed_groups:
-    - "web-app-yourls-administrator"
+    - "/roles/web-app-yourls-administrator"
   acl:
     blacklist:
       - "/admin/"     # Protects the admin area