diff --git a/handlers/authorize.go b/handlers/authorize.go
index d06e201..fa9a413 100644
--- a/handlers/authorize.go
+++ b/handlers/authorize.go
@@ -53,7 +53,7 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 }
 log.Print("Authorization request for user=", ctx.UserID, ", resource=", ctx.Resource, ", action=", ctx.Action)
- log.Print("JWT claims user=", claims.UserID, ", username=", claims.Username, ", role=", claims.Role)
+ log.Print("JWT claims user=", claims.UserID, ", username=", claims.Username, ", role=", claims.RoleID)
 // Verify JWT user matches request user (security check)
 if ctx.UserID != claims.UserID {
 helper.RespondWithError(w, http.StatusForbidden, "User ID mismatch")
diff --git a/handlers/authorize_test.go b/handlers/authorize_test.go
index 544f8de..e620532 100644
--- a/handlers/authorize_test.go
+++ b/handlers/authorize_test.go
@@ -46,7 +46,7 @@ func TestAuthorizeHandlerInvalidJSON(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 req := httptest.NewRequest("POST", AuthCheckEndpoint, bytes.NewBufferString("invalid json"))
@@ -87,7 +87,7 @@ func TestAuthorizeHandlerMissingRequiredFields(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 body, _ := json.Marshal(tc.payload)
@@ -110,7 +110,7 @@ func TestAuthorizeHandlerUserIDMismatch(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 payload := models.AuthorizationContext{
@@ -139,7 +139,7 @@ func TestAuthorizeHandlerNilMaps(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 payload := models.AuthorizationContext{
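Review bot: The new log line in handlers/authorize.go still labels the value `role=` while it now prints `claims.RoleID`, so the emitted text no longer matches either the field or the `role_id` claim and context key introduced elsewhere in this commit; change it to `", role_id=", claims.RoleID`. Separately, this line writes identity attributes (user id, username, role) to the default logger on every authorization request; with `Claims` now also carrying `EmailAddress` (models/authorize.go in this commit), it is worth limiting this line to the user id, or gating it behind a debug level, so the log sink does not accumulate personal data. The TestBuildContextWithDifferentRoles hunk in middleware/jwt_test.go has the same stale `Role = %q` label in its `t.Errorf`. AuthorizeHandler starts before this hunk and continues after it.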
@@ -177,7 +177,7 @@ func TestAuthorizeHandlerEmptyUserID(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 payload := models.AuthorizationContext{
@@ -203,7 +203,7 @@ func TestAuthorizeHandlerEmptyResource(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 payload := models.AuthorizationContext{
@@ -229,7 +229,7 @@ func TestAuthorizeHandlerEmptyAction(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 payload := models.AuthorizationContext{
@@ -270,7 +270,7 @@ func TestAuthorizeHandlerMalformedJSON(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 testCases := []struct {
@@ -327,7 +327,7 @@ func TestAuthorizeHandlerSpecialCharactersInFields(t *testing.T) {
 testClaims := &models.Claims{
 UserID: tc.userID,
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 ctx := context.WithValue(req.Context(), models.ContextKey("claims"), testClaims)
 req = req.WithContext(ctx)
diff --git a/middleware/jwt.go b/middleware/jwt.go
index 5b3edb0..058e6ee 100644
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -19,7 +19,7 @@ const (
 claimsKey models.ContextKey = "claims"
 userIDKey models.ContextKey = "user_id"
 usernameKey models.ContextKey = "username"
- roleKey models.ContextKey = "role"
+ roleIDKey models.ContextKey = "role_id"
 )
 
 var (
@@ -178,7 +178,7 @@ func buildContext(parent context.Context, claims *models.Claims) context.Context
 ctx := context.WithValue(parent, claimsKey, claims)
 ctx = context.WithValue(ctx, userIDKey, claims.UserID)
 ctx = context.WithValue(ctx, usernameKey, claims.Username)
- ctx = context.WithValue(ctx, roleKey, claims.Role)
+ ctx = context.WithValue(ctx, roleIDKey, claims.RoleID)
 return ctx
 }
@@ -202,6 +202,6 @@ func GetUsername(r *http.Request) (string, bool) {
 
 // GetRole retrieves the role from the request context
 func GetRole(r *http.Request) (string, bool) {
- role, ok := r.Context().Value(roleKey).(string)
+ role, ok := r.Context().Value(roleIDKey).(string)
 return role, ok
 }
diff --git a/middleware/jwt_test.go b/middleware/jwt_test.go
index bcdc784..5cdd982 100644
--- a/middleware/jwt_test.go
+++ b/middleware/jwt_test.go
@@ -132,7 +132,7 @@ func TestParseAndValidateToken(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
@@ -164,7 +164,7 @@ func TestParseAndValidateToken(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(-1 * time.Hour)),
 },
@@ -184,7 +184,7 @@ func TestBuildContext(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 parent := context.Background()
@@ -206,7 +206,7 @@ func TestBuildContext(t *testing.T) {
 }
 
 // Check role
- if val, ok := ctx.Value(roleKey).(string); !ok || val != "admin" {
+ if val, ok := ctx.Value(roleIDKey).(string); !ok || val != "admin" {
 t.Error("Role not properly set in context")
 }
 }
@@ -215,7 +215,7 @@ func TestGetClaims(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 }
 
 req := httptest.NewRequest("GET", "/", nil)
@@ -261,7 +261,7 @@ func TestGetUsername(t *testing.T) {
 
 func TestGetRole(t *testing.T) {
 req := httptest.NewRequest("GET", "/", nil)
- ctx := context.WithValue(req.Context(), roleKey, "admin")
+ ctx := context.WithValue(req.Context(), roleIDKey, "admin")
 req = req.WithContext(ctx)
 
 role, ok := GetRole(req)
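Review bot: `GetRole`'s doc comment and name still speak of "the role" while the function now reads the `roleIDKey` (`"role_id"`) entry that buildContext stores; update the comment to `// GetRole retrieves the role ID from the request context`, or rename to `GetRoleID` and keep `GetRole` as a thin deprecated wrapper if other packages call it. Because buildContext (the preceding hunk in middleware/jwt.go) always stores `claims.RoleID`, `ok` is true even when the token carried no role_id claim and the value is the empty string, so callers making access decisions must treat an empty role ID as unauthorized rather than relying on `ok`; a comment such as `// ok is true whenever JWT middleware ran; an empty string means the token had no role_id.` would make that explicit. The function is complete within the hunk.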
@@ -318,7 +318,7 @@ func TestJWTAuthValidToken(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
@@ -413,7 +413,7 @@ func TestBuildContextWithDifferentRoles(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: role,
+ RoleID: role,
 }
 
 req := httptest.NewRequest("GET", "/", nil)
@@ -424,8 +424,8 @@ func TestBuildContextWithDifferentRoles(t *testing.T) {
 if !ok {
 t.Error("Claims not found in context")
 }
- if retrievedClaims.Role != role {
- t.Errorf("Role = %q, want %q", retrievedClaims.Role, role)
+ if retrievedClaims.RoleID != role {
+ t.Errorf("Role = %q, want %q", retrievedClaims.RoleID, role)
 }
 })
 }
@@ -528,7 +528,7 @@ func TestJWTAuthExpiredToken(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(-1 * time.Hour)),
 },
@@ -568,7 +568,7 @@ func TestJWTAuthTokenWithMissingClaims(t *testing.T) {
 "Missing UserID",
 &models.Claims{
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
@@ -578,7 +578,7 @@ func TestJWTAuthTokenWithMissingClaims(t *testing.T) {
 "Missing Username",
 &models.Claims{
 UserID: "user123",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
@@ -636,7 +636,7 @@ func TestJWTAuthConcurrentRequests(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
@@ -687,7 +687,7 @@ func TestJWTAuthTokenSignedWithWrongKey(t *testing.T) {
 claims := &models.Claims{
 UserID: "user123",
 Username: "testuser",
- Role: "admin",
+ RoleID: "admin",
 RegisteredClaims: jwt.RegisteredClaims{
 ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
 },
diff --git a/models/authorize.go b/models/authorize.go
index 88a8cea..d2a5e9d 100644
--- a/models/authorize.go
+++ b/models/authorize.go
@@ -18,9 +18,10 @@ type AuthorizationResponse struct {
 }
 
 type Claims struct {
- UserID string `json:"user_id"`
- Username string `json:"username"`
- Role string `json:"role"`
+ UserID string `json:"user_id"`
+ Username string `json:"username"`
+ EmailAddress string `json:"email_address"`
+ RoleID string `json:"role_id"`
 jwt.RegisteredClaims
 }
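Review bot: Changing the JSON tag from `role` to `role_id` in models/authorize.go alters the token wire format: a JWT issued before this change still carries a `role` claim, which `Claims` now silently ignores, so the signature check succeeds and `RoleID` comes back empty. Unless every outstanding token is re-issued at deploy time, either accept both claim names during a transition (a custom `UnmarshalJSON` or a legacy field) or have the validator reject tokens whose `RoleID` is empty; TestJWTAuthTokenWithMissingClaims in this commit covers missing UserID and Username only, so a "Missing RoleID" case is the natural addition. The new `EmailAddress` field arrives undocumented and untested; a comment stating who populates it and whether validation requires it, e.g. `// EmailAddress is the e-mail asserted by the token issuer; optional — TODO confirm whether validation should require it`, would keep the contract explicit. The struct is complete within the hunk.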