diff --git a/src/main/java/run/halo/app/core/extension/endpoint/UserEndpoint.java b/src/main/java/run/halo/app/core/extension/endpoint/UserEndpoint.java
index 5ae6895c9..c0b3b7e16 100644
--- a/src/main/java/run/halo/app/core/extension/endpoint/UserEndpoint.java
+++ b/src/main/java/run/halo/app/core/extension/endpoint/UserEndpoint.java
@@ -7,6 +7,7 @@ import static org.springdoc.core.fn.builders.requestbody.Builder.requestBodyBuil
 import com.fasterxml.jackson.core.type.TypeReference;
 import io.micrometer.common.util.StringUtils;
 import io.swagger.v3.oas.annotations.enums.ParameterIn;
+import io.swagger.v3.oas.annotations.media.Schema;
 import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.Map;
@@ -148,8 +149,7 @@ public class UserEndpoint implements CustomEndpoint {
                 return list;
             })
             .map(roles -> {
-                Set<String> uiPermissions =
-                    roles.stream()
+                Set<String> uiPermissions = roles.stream()
                         .map(role -> role.getMetadata().getAnnotations())
                         .filter(Objects::nonNull)
                         .map(this::mergeUiPermissions)
@@ -180,6 +180,7 @@ public class UserEndpoint implements CustomEndpoint {
         return result;
     }
 
-    record UserPermission(Set<Role> roles, Set<String> uiPermissions) {
+    record UserPermission(@Schema(required = true) Set<Role> roles,
+                          @Schema(required = true) Set<String> uiPermissions) {
     }
 }
diff --git a/src/main/java/run/halo/app/security/SuperAdminInitializer.java b/src/main/java/run/halo/app/security/SuperAdminInitializer.java
index c78d2fe42..fd462a65a 100644
--- a/src/main/java/run/halo/app/security/SuperAdminInitializer.java
+++ b/src/main/java/run/halo/app/security/SuperAdminInitializer.java
@@ -1,7 +1,9 @@
 package run.halo.app.security;
 
 import java.time.Instant;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.springframework.boot.context.event.ApplicationReadyEvent;
@@ -68,6 +70,9 @@ public class SuperAdminInitializer implements ApplicationListener<ApplicationRea
     Role createSuperRole() {
         var metadata = new Metadata();
         metadata.setName("super-role");
+        Map<String, String> annotations = new HashMap<>();
+        annotations.put(Role.UI_PERMISSIONS_ANNO, "[\"*\"]");
+        metadata.setAnnotations(annotations);
 
         var superRule = new PolicyRule.Builder()
             .apiGroups("*")