diff --git a/src/controllers/branch-controller.ts b/src/controllers/branch-controller.ts
index 0aa653e..aa02782 100644
--- a/src/controllers/branch-controller.ts
+++ b/src/controllers/branch-controller.ts
@@ -104,7 +104,7 @@ export class BranchController extends Controller {
 const list = await prisma.branchUser.groupBy({
 _count: true,
 where: {
- userId: !["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))
+ userId: !["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))
 ? req.user.sub
 : undefined,
 user: {
@@ -116,7 +116,7 @@ export class BranchController extends Controller {
 const record = await prisma.branch.findMany({
 where: {
- user: !["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))
+ user: !["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))
 ? { some: { userId: req.user.sub } }
 : undefined,
 },
@@ -412,7 +412,7 @@ export class BranchController extends Controller {
 }
 if (
- !["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v)) &&
+ !["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v)) &&
 !branch?.user.find((v) => v.userId === req.user.sub)
 ) {
 throw new HttpError(
@@ -491,7 +491,7 @@ export class BranchController extends Controller {
 where: { id: branchId },
 });
- if (!["system", "head_of_admin", "admin"].some((v) => req.user.role?.includes(v))) {
+ if (!["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v))) {
 if (
 record?.createdByUserId !== req.user.sub &&
 !record?.user.find((v) => v.userId === req.user.sub)
diff --git a/src/interfaces/user.ts b/src/interfaces/user.ts
index a35cdc4..3bf51f2 100644
--- a/src/interfaces/user.ts
+++ b/src/interfaces/user.ts
@@ -8,6 +8,6 @@ export type RequestWithUser = Request & {
 familiy_name: string;
 preferred_username: string;
 email: string;
- role: string[];
+ roles: string[];
 };
 };
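Review bot: The non-privileged side of the `userId` filter in the `@@ -104` hunk relies on `req.user.sub` being set, and by default Prisma treats an `undefined` value inside `where` as "no condition", so a request whose token carries no `sub` would receive the unscoped result intended for privileged roles. The same applies to the `findMany` filter at `@@ -116`, where `{ some: { userId: undefined } }` would match any branch that has at least one user. Whether the authentication layer already guarantees `sub` is not visible in this diff; if it does not, reject before building either query, e.g. `if (!req.user.sub) throw new HttpError(HttpStatus.FORBIDDEN, "...", "noPermissionToAccess");`. Both queries continue outside their hunks.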
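Review bot: The privileged-role list `["system", "head_of_admin", "admin"]` is spelled inline in the `@@ -412` check, again in the `@@ -491` check, and in both query filters above, so any change to the policy (or to the claim name, as in this commit) has to be repeated in four places and a missed one silently changes who counts as privileged. A single helper would keep the authorization decision in one spot, for example `const isPrivileged = (u: RequestWithUser["user"]) => PRIVILEGED_ROLES.some((r) => u.roles?.includes(r));` with `PRIVILEGED_ROLES` defined once. The enclosing methods start and end outside these hunks.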
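Review bot: `roles` is declared as a required `string[]`, yet the controller reads it as `req.user.roles?.includes(v)` while the middleware reads it as a bare `req.user.roles.includes(...)`, so the code disagrees on whether the claim can be absent. The type is only a compile-time statement about a value that comes from a token; either declare it `roles?: string[];` or normalise it to `[]` where `req.user` is populated (not visible in this diff). A short comment naming the token claim this field is read from would also help the next rename.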
diff --git a/src/middlewares/role.ts b/src/middlewares/role.ts
index dd2ec2f..be5c419 100644
--- a/src/middlewares/role.ts
+++ b/src/middlewares/role.ts
@@ -8,10 +8,10 @@ export function role(
 errorMessage: string = "You do not have permission to access this resource.",
 ) {
 return (req: RequestWithUser, _res: Response, next: NextFunction) => {
- if (!Array.isArray(role) && !req.user.role.includes(role) && !req.user.role.includes("*")) {
+ if (!Array.isArray(role) && !req.user.roles.includes(role) && !req.user.roles.includes("*")) {
 throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
 }
- if (role !== "*" && !req.user.roles.some((v) => role.includes(v))) {
+ if (role !== "*" && !req.user.roles.some((v) => role.includes(v))) {
 throw new HttpError(HttpStatus.FORBIDDEN, errorMessage, "noPermissionToAccess");
 }
 return next();
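Review bot: When `role` is a string, `role.includes(v)` in the second check is `String.prototype.includes`, a substring test, so a caller admitted by the first check only because they hold `*` is then rejected, and for an array `role` a held `*` is never honoured; the two checks disagree on what `*` means. Normalising once with `const required = Array.isArray(role) ? role : [role];` and testing `required.includes(v)` makes the match exact in both cases and forces the wildcard rule to be written down explicitly. `req.user.roles` is also dereferenced without a guard here, so a token lacking that claim ends in a `TypeError` instead of the 403; `const held = req.user.roles ?? [];` would fail closed with the intended error. The type of the `role` parameter is declared outside the hunk, so the string-or-array reading is inferred from the `Array.isArray` test.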