diff --git a/ClientApp/staff-db-ui/src/app/shared/core/models/coreuser.ts b/ClientApp/staff-db-ui/src/app/shared/core/models/coreuser.ts index 8d9d3b4..f166ad8 100644 --- a/ClientApp/staff-db-ui/src/app/shared/core/models/coreuser.ts +++ b/ClientApp/staff-db-ui/src/app/shared/core/models/coreuser.ts @@ -8,9 +8,9 @@ export interface UserRole { export const enum EN_UserRoles { - User = 'user', - Master = 'master', - Admin = 'admin', + User = 'sDigital Data - IIM-Benutzer', + Master = 'sDigital Data - IIM-Administratoren', + Admin = 'sDigital Data - IIM-Administratoren', DepartmentMaster = 'departmentmaster', DepartmentUser = 'departmentuser' } @@ -50,6 +50,7 @@ export class CoreUser extends BaseEntity { public isInRolle(role: string): boolean { role = role?.toLowerCase(); + return this.roleList.toLowerCase().includes(role); return (this.roleList && ((',' + this.roleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1)) || (this.webAppRoleList && ((',' + this.webAppRoleList.replace(' ', '') + ',').toLowerCase().indexOf(',' + role + ',') > -1)); } diff --git a/HRD.LDAPService/JWT/JwtGlobals.cs b/HRD.LDAPService/JWT/JwtGlobals.cs index 5495cb0..6735128 100644 --- a/HRD.LDAPService/JWT/JwtGlobals.cs +++ b/HRD.LDAPService/JWT/JwtGlobals.cs @@ -1,5 +1,6 @@ namespace HRD.LDAPService.JWT { + //TODO: get this from config file (etc. appsettings.json) public static class JwtGlobals { public const string HttpContextItem_LdapUser = "ldapuser"; @@ -15,5 +16,7 @@ public const string ROLE_DEPARTMENTMASTER = "DepartmentMaster"; public const string ROLE_MASTER = "Master"; public const string ROLE_ADMIN = "Admin"; + public const string ROLE_DD_ADMIN = "sDigital Data - IIM-Administratoren"; + public const string ROLE_DD_USER = "sDigital Data - IIM-Benutzer"; } } \ No newline at end of file diff --git a/HRD.LDAPService/Ldap/LdapUser.cs b/HRD.LDAPService/Ldap/LdapUser.cs index 21ea5b2..8e2eb1c 100644 --- a/HRD.LDAPService/Ldap/LdapUser.cs 
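Review bot: `Master` and `Admin` in `EN_UserRoles` (coreuser.ts, first hunk) now carry the same value, `'sDigital Data - IIM-Administratoren'`, so a check for one cannot be told apart from a check for the other, and any view gated on `Master` is equally open to `Admin` members and vice versa. If the merge is intended, record it next to the enum, e.g. `// Master and Admin both map to the IIM-Administratoren directory group`; if not, the two members need distinct values. The literals also duplicate `JwtGlobals.ROLE_DD_ADMIN` and `ROLE_DD_USER` from this commit, so a rename on one side would silently break role checks on the other.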
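Review bot: The added `return this.roleList.toLowerCase().includes(role);` in `isInRolle` (coreuser.ts, second hunk) is a substring test over the whole list, so a role name contained in another one matches; with the values visible in this file, a caller passing `'master'` would match an entry `departmentmaster`. It also throws when `roleList` is null or undefined, which the old expression guarded against, and it no longer consults `webAppRoleList`. The original return below it is now unreachable and should be removed or restored rather than left as dead code. Assuming both lists are comma-separated, as the old expression implies, an exact comparison would be `const roles = [this.roleList, this.webAppRoleList].join(',').toLowerCase().split(',').map(r => r.trim());` followed by `return !!role && roles.includes(role);`. `isInRolle` sits inside `CoreUser`, whose body starts and ends outside the hunk.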
+++ b/HRD.LDAPService/Ldap/LdapUser.cs @@ -145,11 +145,13 @@ namespace HRD.LDAPService public static bool IsJwtGlobalsRole(string roleName) { + //TODO: Import them from db or config (etc. appsettigns.json) return string.Equals(roleName, JwtGlobals.ROLE_USER, StringComparison.OrdinalIgnoreCase) || string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTUSER, StringComparison.OrdinalIgnoreCase) || string.Equals(roleName, JwtGlobals.ROLE_DEPARTMENTMASTER, StringComparison.OrdinalIgnoreCase) || string.Equals(roleName, JwtGlobals.ROLE_MASTER, StringComparison.OrdinalIgnoreCase) - || string.Equals(roleName, JwtGlobals.ROLE_ADMIN, StringComparison.OrdinalIgnoreCase); + || string.Equals(roleName, JwtGlobals.ROLE_ADMIN, StringComparison.OrdinalIgnoreCase) + || string.Equals(roleName, JwtGlobals.ROLE_DD_ADMIN, StringComparison.OrdinalIgnoreCase); } public void AddExtendedAttribute(string key, string value) @@ -246,7 +248,7 @@ namespace HRD.LDAPService break; case EN_LdapRoleListFilter.OnlyRoleList: - if (IsJwtGlobalsRole(item.Role)) { resultList.Add(item.Role); } + if (IsJwtGlobalsRole(item.Role)){ resultList.Add(item.Role); } break; case EN_LdapRoleListFilter.OnlyWebAppRoleList: diff --git a/StaffDBServer/Extends/JwtMiddlewareOptionsHelper.cs b/StaffDBServer/Extends/JwtMiddlewareOptionsHelper.cs index bd8fb56..eb9bc6a 100644 --- a/StaffDBServer/Extends/JwtMiddlewareOptionsHelper.cs +++ b/StaffDBServer/Extends/JwtMiddlewareOptionsHelper.cs 
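Review bot: `IsJwtGlobalsRole` (LdapUser.cs, first hunk) now accepts `JwtGlobals.ROLE_DD_ADMIN` but not `JwtGlobals.ROLE_DD_USER`, although both constants are added in this commit and both are registered as `JwtRole`s in JwtMiddlewareOptionsHelper.cs. As far as the visible `OnlyRoleList` branch shows, a role that fails this test is not added to the result list, so members of the IIM-Benutzer group would presumably end up without the role the client enum checks for. If that is not intended, add `|| string.Equals(roleName, JwtGlobals.ROLE_DD_USER, StringComparison.OrdinalIgnoreCase);` as the last operand. The new TODO comment also contains a typo (`appsettigns.json`).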
@@ -16,11 +16,14 @@ namespace StaffDBServer.Extends //Admin Role list.Add(new JwtRole(JwtGlobals.ROLE_ADMIN, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Admin")); + //TODO: get roles from db //Core RoleList list.Add(new JwtRole(JwtGlobals.ROLE_USER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_User")); //(RO) nur eigene list.Add(new JwtRole(JwtGlobals.ROLE_MASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_Master")); //RW ALLE Abteilungen list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTUSER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentUser")); //(RW) auch andere aus eigener Abteilung list.Add(new JwtRole(JwtGlobals.ROLE_DEPARTMENTMASTER, "GG_WebApp" + ADGroupPrefix + "_StaffDB_DepartmentMaster")); //(RW) auch andere aus eigener Abteilung + list.Add(new JwtRole(JwtGlobals.ROLE_DD_ADMIN, JwtGlobals.ROLE_DD_ADMIN)); //(RW) auch andere aus eigener Abteilung + list.Add(new JwtRole(JwtGlobals.ROLE_DD_USER, JwtGlobals.ROLE_DD_USER)); JwtMiddlewareOptions options = new JwtMiddlewareOptions() { diff --git a/StaffDBServer/Program.cs b/StaffDBServer/Program.cs index cfd2269..b1a986a 100644 --- a/StaffDBServer/Program.cs +++ b/StaffDBServer/Program.cs @@ -116,6 +116,7 @@ try opts => opts.CommandTimeout((int)TimeSpan.FromMinutes(dbTimeoutInMin).TotalSeconds)); }); + // Add repositories in DAL builder.Services.AddStaffDBRepositories(); builder.Services.AddScoped(); builder.Services.AddJwtManagerWithLdap(configuration.GetSection("LdapOptions"));
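Review bot: The two new `JwtRole` entries in JwtMiddlewareOptionsHelper.cs pass the same constant as role name and as group name, so unlike every other entry they bypass the `"GG_WebApp" + ADGroupPrefix + "_StaffDB_..."` pattern. If `ADGroupPrefix` is what separates environments (not visible here), membership in the single IIM-Administratoren group would grant the role in all of them, and that group is presumably broader than a StaffDB-specific one. The trailing comment on the `ROLE_DD_ADMIN` line, `//(RW) auch andere aus eigener Abteilung`, is copied from the DepartmentMaster line and does not describe an administrator role, while the `ROLE_DD_USER` line has no comment. Suggested replacements are `// Digital Data IIM administrators group, mapped directly (no ADGroupPrefix)` and `// Digital Data IIM users group, mapped directly (no ADGroupPrefix)`, each stating the intended access level once confirmed. The enclosing method starts and ends outside the hunk.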