diff --git a/open-webui/main.yaml b/open-webui/main.yaml
index 454797f..67a5196 100644
--- a/open-webui/main.yaml
+++ b/open-webui/main.yaml
@@ -213,7 +213,7 @@ spec:
         - name: ENABLE_OAUTH_ROLE_MANAGEMENT
           value: "True"
         - name: OAUTH_ROLES_CLAIM
-          value: realm_roles
+          value: realm_access.roles
         - name: OAUTH_ALLOWED_ROLES
           value: default-roles-home
         - name: OAUTH_ADMIN_ROLES
diff --git a/open-webui/src/values.yaml b/open-webui/src/values.yaml
index 5f7d69f..fe3e77b 100644
--- a/open-webui/src/values.yaml
+++ b/open-webui/src/values.yaml
@@ -656,7 +656,7 @@ sso:
   roleManagement:
     # -- The claim that contains the roles (can be nested, e.g., user.roles)
     # @section -- Role management configuration
-    rolesClaim: realm_roles
+    rolesClaim: realm_access.roles
     # -- Comma-separated list of roles allowed to log in (receive open webui role user)
     # @section -- Role management configuration
     allowedRoles: "default-roles-home"