diff --git a/login/app.py b/login/app.py
index c282165644339f6b28df11aa4c96802019aeec91..87c48c859fcf53c4028d6c39229217c0712de069 100644
--- a/login/app.py
+++ b/login/app.py
@@ -542,7 +542,7 @@ def consent():
     app_obj = db.session.query(App).filter(App.slug==app_name).first()
 
     # Default access level
-    role = 'user'
+    role = ''
     if app_obj:
         role_obj = db.session.query(AppRole).\
                     filter(AppRole.app_id==app_obj.id).\
@@ -551,7 +551,7 @@ def consent():
             role = role_obj.role
 
     # Get claims for this user, provided the current app
-    claims = user.get_claims(app_name)
+    claims = user.get_claims(app_name, none, role)
 
     # pylint: disable=fixme
     # TODO: Need to implement checking claims here, once the backend for that is
diff --git a/login/kratos.py b/login/kratos.py
index fc502573e2a2fe3ba59f59224baa394c1a363ec6..5636841fcc014dc65404a5cb3d353ddb90f510e6 100644
--- a/login/kratos.py
+++ b/login/kratos.py
@@ -325,7 +325,7 @@ class KratosUser():
     # Pylint complains about app not used. That is correct, but we will use that
     # in the future. Ignore this error
     # pylint: disable=unused-argument
-    def get_claims(self, app, mapping = None) -> Dict[str, Dict[str, str]]:
+    def get_claims(self, app, mapping = None, role) -> Dict[str, Dict[str, str]]:
         """Create openID Connect token
         Use the userdata stored in the user object to create an OpenID Connect token.
         The token returned by this function can be passed to Hydra,
@@ -358,7 +358,7 @@ class KratosUser():
             "name": name,
             "preferred_username": username,
             "email": self.email,
-            "roles": '',
+            "stackspin_roles": role,
         }