diff --git a/src/server.js b/src/server.js
index c0b31b8e2..5277f96d2 100644
--- a/src/server.js
+++ b/src/server.js
@@ -174,12 +174,12 @@ function initializeExpressSync() {
     router.post('/api/v1/users/:userId/create_invite', token, authorizeUserManager, routes.users.load, routes.users.createInvite);
 
     // Group management
-    router.get ('/api/v1/groups', token, authorizeAdmin, routes.groups.list);
-    router.post('/api/v1/groups', token, authorizeAdmin, routes.groups.create);
-    router.get ('/api/v1/groups/:groupId', token, authorizeAdmin, routes.groups.get);
-    router.put ('/api/v1/groups/:groupId/members', token, authorizeAdmin, routes.groups.updateMembers);
-    router.post('/api/v1/groups/:groupId', token, authorizeAdmin, routes.groups.update);
-    router.del ('/api/v1/groups/:groupId', token, authorizeAdmin, routes.groups.remove);
+    router.get ('/api/v1/groups', token, authorizeUserManager, routes.groups.list);
+    router.post('/api/v1/groups', token, authorizeUserManager, routes.groups.create);
+    router.get ('/api/v1/groups/:groupId', token, authorizeUserManager, routes.groups.get);
+    router.put ('/api/v1/groups/:groupId/members', token, authorizeUserManager, routes.groups.updateMembers);
+    router.post('/api/v1/groups/:groupId', token, authorizeUserManager, routes.groups.update);
+    router.del ('/api/v1/groups/:groupId', token, authorizeUserManager, routes.groups.remove);
 
     // appstore and subscription routes
     router.post('/api/v1/appstore/register_cloudron', token, authorizeAdmin, routes.appstore.registerCloudron);