diff --git a/js/apps/admin-ui/src/clients/routes/ClientRole.tsx b/js/apps/admin-ui/src/clients/routes/ClientRole.tsx
index d9e5fbb54c..4ac2157006 100644
--- a/js/apps/admin-ui/src/clients/routes/ClientRole.tsx
+++ b/js/apps/admin-ui/src/clients/routes/ClientRole.tsx
@@ -23,7 +23,7 @@ export const ClientRoleRoute: AppRouteObject = {
element: ,
breadcrumb: (t) => t("roleDetails"),
handle: {
- access: "view-clients",
+ access: "query-clients",
},
} satisfies AppRouteObject;
diff --git a/js/apps/admin-ui/src/realm-roles/RealmRoleTabs.tsx b/js/apps/admin-ui/src/realm-roles/RealmRoleTabs.tsx
index 0bd3c002a4..4ee305b175 100644
--- a/js/apps/admin-ui/src/realm-roles/RealmRoleTabs.tsx
+++ b/js/apps/admin-ui/src/realm-roles/RealmRoleTabs.tsx
@@ -52,6 +52,7 @@ import { useParams } from "../utils/useParams";
import { UsersInRoleTab } from "./UsersInRoleTab";
import { RealmRoleRoute, RealmRoleTab, toRealmRole } from "./routes/RealmRole";
import { toRealmRoles } from "./routes/RealmRoles";
+import { useAccess } from "../context/access/Access";
export default function RealmRoleTabs() {
const { adminClient } = useAdminClient();
@@ -76,6 +77,12 @@ export default function RealmRoleTabs() {
const { addAlert, addError } = useAlerts();
+ const { hasAccess } = useAccess();
+ const canViewPermissionsTab = hasAccess(
+ "query-clients",
+ "manage-authorization",
+ );
+
const [open, setOpen] = useState(false);
const convert = (role: RoleRepresentation) => {
const { attributes, ...rest } = role;
@@ -385,14 +392,15 @@ export default function RealmRoleTabs() {
)}
- {isFeatureEnabled(Feature.AdminFineGrainedAuthz) && (
- {t("permissions")}}
- {...permissionsTab}
- >
-
-
- )}
+ {isFeatureEnabled(Feature.AdminFineGrainedAuthz) &&
+ canViewPermissionsTab && (
+ {t("permissions")}}
+ {...permissionsTab}
+ >
+
+
+ )}