diff --git a/cliapp/cliapp/cli.py b/cliapp/cliapp/cli.py
index 6735cb2030ec4b81ebd5fc0179c1626446bfd23e..75194a1c5e640ed2f7d83ad45f14eb82941325a0 100644
--- a/cliapp/cliapp/cli.py
+++ b/cliapp/cliapp/cli.py
@@ -116,13 +116,13 @@ cli.cli.add_command(app_cli)
 @click.argument("app_slug")
 @click.argument("role")
 def setrole(email, app_slug, role):
-    """Set role for a sure
+    """Set role for a user
     :param email: Email address of user to assign role
     :param app_slug: Slug name of the app, for example 'nextcloud'
     :param role: Role to assign. currently only 'admin', 'user'
     """
 
-    current_app.logger.info(f"Assiging role {role} to {email} for app {app_slug}")
+    current_app.logger.info(f"Assigning role {role} to {email} for app {app_slug}")
 
     # Find user
     user = KratosUser.find_by_email(KRATOS_ADMIN, email)
@@ -177,6 +177,14 @@ def show_user(email):
         print(f"Updated:  {user.updated_at}")
         print(f"Created:  {user.created_at}")
         print(f"State:    {user.state}")
+        print(f"Roles:")
+        results = db.session.query(AppRole, Role).join(App, Role)\
+            .add_entity(App).add_entity(Role)\
+            .filter(AppRole.user_id == user.uuid)
+        for entry in results:
+            app = entry[-2]
+            role = entry[-1]
+            print(f"  {role.name: >9} on {app.name}")
     else:
         print(f"User with email address '{email}' was not found")