diff --git a/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.js b/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.js
new file mode 100644
index 00000000..3193b3e0
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.js
@@ -0,0 +1,8 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const roles = await Role.query().orderBy('name');
+
+  renderObject(response, roles);
+};
diff --git a/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js b/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js
new file mode 100644
index 00000000..2161e388
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js
@@ -0,0 +1,33 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getRolesMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/get-roles.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/roles', () => {
+  let roleOne, roleTwo, currentUser, token;
+
+  beforeEach(async () => {
+    roleOne = await createRole({ key: 'admin' });
+    roleTwo = await createRole({ key: 'user' });
+    currentUser = await createUser({ roleId: roleOne.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return roles', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRolesMock([roleOne, roleTwo]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});
diff --git a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js
index be968421..c1cc2aca 100644
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js
@@ -5,7 +5,7 @@ import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by
 import { createRole } from '../../../../../../test/factories/role.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
-import getSamlAuthProviderMock from '../../../../../../test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-provider.ee.js';
+import getSamlAuthProviderMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
 import * as license from '../../../../../helpers/license.ee.js';
 
 describe('GET /api/v1/admin/saml-auth-provider/:samlAuthProviderId', () => {
diff --git a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js
index 7a589821..0904cf6f 100644
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js
@@ -5,7 +5,7 @@ import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by
 import { createRole } from '../../../../../../test/factories/role.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
-import getSamlAuthProvidersMock from '../../../../../../test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-providers.ee.js';
+import getSamlAuthProvidersMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
 import * as license from '../../../../../helpers/license.ee.js';
 
 describe('GET /api/v1/admin/saml-auth-providers', () => {
diff --git a/packages/backend/src/routes/api/v1/admin/roles.ee.js b/packages/backend/src/routes/api/v1/admin/roles.ee.js
new file mode 100644
index 00000000..bdcc7299
--- /dev/null
+++ b/packages/backend/src/routes/api/v1/admin/roles.ee.js
@@ -0,0 +1,17 @@
+import { Router } from 'express';
+import { authenticateUser } from '../../../../helpers/authentication.js';
+import { authorizeAdmin } from '../../../../helpers/authorization.js';
+import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js';
+import getRolesAction from '../../../../controllers/api/v1/admin/roles/get-roles.ee.js';
+
+const router = Router();
+
+router.get(
+  '/',
+  authenticateUser,
+  authorizeAdmin,
+  checkIsEnterprise,
+  getRolesAction
+);
+
+export default router;
diff --git a/packages/backend/src/routes/api/v1/admin/saml-auth-providers.ee.js b/packages/backend/src/routes/api/v1/admin/saml-auth-providers.ee.js
new file mode 100644
index 00000000..5ec36f63
--- /dev/null
+++ b/packages/backend/src/routes/api/v1/admin/saml-auth-providers.ee.js
@@ -0,0 +1,26 @@
+import { Router } from 'express';
+import { authenticateUser } from '../../../../helpers/authentication.js';
+import { authorizeAdmin } from '../../../../helpers/authorization.js';
+import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js';
+import getSamlAuthProvidersAction from '../../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
+import getSamlAuthProviderAction from '../../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
+
+const router = Router();
+
+router.get(
+  '/',
+  authenticateUser,
+  authorizeAdmin,
+  checkIsEnterprise,
+  getSamlAuthProvidersAction
+);
+
+router.get(
+  '/:samlAuthProviderId',
+  authenticateUser,
+  authorizeAdmin,
+  checkIsEnterprise,
+  getSamlAuthProviderAction
+);
+
+export default router;
diff --git a/packages/backend/src/routes/api/v1/saml-auth-providers.ee.js b/packages/backend/src/routes/api/v1/saml-auth-providers.ee.js
deleted file mode 100644
index 88e3c9a8..00000000
--- a/packages/backend/src/routes/api/v1/saml-auth-providers.ee.js
+++ /dev/null
@@ -1,26 +0,0 @@
-import { Router } from 'express';
-import { authenticateUser } from '../../../helpers/authentication.js';
-import { authorizeAdmin } from '../../../helpers/authorization.js';
-import { checkIsEnterprise } from '../../../helpers/check-is-enterprise.js';
-import getSamlAuthProvidersAction from '../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
-import getSamlAuthProviderAction from '../../../controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
-
-const router = Router();
-
-router.get(
-  '/',
-  authenticateUser,
-  authorizeAdmin,
-  checkIsEnterprise,
-  getSamlAuthProvidersAction
-);
-
-router.get(
-  '/:samlAuthProviderId',
-  authenticateUser,
-  authorizeAdmin,
-  checkIsEnterprise,
-  getSamlAuthProviderAction
-);
-
-export default router;
diff --git a/packages/backend/src/routes/index.js b/packages/backend/src/routes/index.js
index 0aec5e23..6f78042d 100644
--- a/packages/backend/src/routes/index.js
+++ b/packages/backend/src/routes/index.js
@@ -5,7 +5,8 @@ import paddleRouter from './paddle.ee.js';
 import healthcheckRouter from './healthcheck.js';
 import automatischRouter from './api/v1/automatisch.js';
 import usersRouter from './api/v1/users.js';
-import samlAuthProvidersRouter from './api/v1/saml-auth-providers.ee.js';
+import samlAuthProvidersRouter from './api/v1/admin/saml-auth-providers.ee.js';
+import rolesRouter from './api/v1/admin/roles.ee.js';
 
 const router = Router();
 
@@ -16,5 +17,6 @@ router.use('/healthcheck', healthcheckRouter);
 router.use('/api/v1/automatisch', automatischRouter);
 router.use('/api/v1/users', usersRouter);
 router.use('/api/v1/admin/saml-auth-providers', samlAuthProvidersRouter);
+router.use('/api/v1/admin/roles', rolesRouter);
 
 export default router;
diff --git a/packages/backend/test/mocks/rest/api/v1/admin/roles/get-roles.ee.js b/packages/backend/test/mocks/rest/api/v1/admin/roles/get-roles.ee.js
new file mode 100644
index 00000000..f92a24e2
--- /dev/null
+++ b/packages/backend/test/mocks/rest/api/v1/admin/roles/get-roles.ee.js
@@ -0,0 +1,26 @@
+const getRolesMock = async (roles) => {
+  const data = roles.map((role) => {
+    return {
+      id: role.id,
+      key: role.key,
+      name: role.name,
+      isAdmin: role.isAdmin,
+      description: role.description,
+      createdAt: role.createdAt.toISOString(),
+      updatedAt: role.updatedAt.toISOString(),
+    };
+  });
+
+  return {
+    data: data,
+    meta: {
+      count: data.length,
+      currentPage: null,
+      isArray: true,
+      totalPages: null,
+      type: 'Role',
+    },
+  };
+};
+
+export default getRolesMock;
diff --git a/packages/backend/test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-provider.ee.js b/packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js
similarity index 88%
rename from packages/backend/test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-provider.ee.js
rename to packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js
index 73f3bf71..7a2d4c77 100644
--- a/packages/backend/test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-provider.ee.js
+++ b/packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js
@@ -1,4 +1,4 @@
-const getSamlAuthProvidersMock = async (samlAuthProvider) => {
+const getSamlAuthProviderMock = async (samlAuthProvider) => {
   const data = {
     active: samlAuthProvider.active,
     certificate: samlAuthProvider.certificate,
@@ -26,4 +26,4 @@ const getSamlAuthProvidersMock = async (samlAuthProvider) => {
   };
 };
 
-export default getSamlAuthProvidersMock;
+export default getSamlAuthProviderMock;
diff --git a/packages/backend/test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-providers.ee.js b/packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js
similarity index 100%
rename from packages/backend/test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-providers.ee.js
rename to packages/backend/test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js