diff --git a/management/server/http/api/openapi.yml b/management/server/http/api/openapi.yml
index 547d897d9..9418864d7 100644
--- a/management/server/http/api/openapi.yml
+++ b/management/server/http/api/openapi.yml
@@ -191,7 +191,7 @@ components:
     UserPermissions:
       type: object
       properties:
-        permissions:
+        modules:
           type: object
           additionalProperties:
             type: object
@@ -208,7 +208,7 @@ components:
               - read
               - write
           example: {"networks": { "read": true, "write": false}, "peers": { "read": false, "write": false} }
-        auto_allow_new:
+        default:
           type: object
           additionalProperties:
             type: boolean
@@ -218,8 +218,7 @@ components:
               - read
               - write
       required:
-        - permissions
-        - auto_allow_new
+        - default
     UserRequest:
       type: object
       properties:
diff --git a/management/server/http/api/types.gen.go b/management/server/http/api/types.gen.go
index d0d3e1adf..f4e90b5bc 100644
--- a/management/server/http/api/types.gen.go
+++ b/management/server/http/api/types.gen.go
@@ -1703,8 +1703,8 @@ type UserCreateRequest struct {
 
 // UserPermissions defines model for UserPermissions.
 type UserPermissions struct {
-	AutoAllowNew map[string]bool            `json:"auto_allow_new"`
-	Permissions  map[string]map[string]bool `json:"permissions"`
+	Default map[string]bool             `json:"default"`
+	Modules *map[string]map[string]bool `json:"modules,omitempty"`
 }
 
 // UserRequest defines model for UserRequest.
diff --git a/management/server/http/handlers/users/users_handler.go b/management/server/http/handlers/users/users_handler.go
index de72050dc..5230f9c8b 100644
--- a/management/server/http/handlers/users/users_handler.go
+++ b/management/server/http/handlers/users/users_handler.go
@@ -292,14 +292,14 @@ func toUserWithPermissionsResponse(user *users.UserInfoWithPermissions, userID s
 
 	permissions := &api.UserPermissions{}
 	if len(user.Permissions.AutoAllowNew) > 0 {
-		permissions.AutoAllowNew = make(map[string]bool)
+		permissions.Default = make(map[string]bool)
 		for k, v := range user.Permissions.AutoAllowNew {
-			permissions.AutoAllowNew[string(k)] = v
+			permissions.Default[string(k)] = v
 		}
 	}
 
 	if len(user.Permissions.Permissions) > 0 {
-		permissions.Permissions = make(map[string]map[string]bool)
+		modules := make(map[string]map[string]bool)
 		for module, operations := range user.Permissions.Permissions {
 			if len(operations) == 0 {
 				continue
@@ -309,8 +309,9 @@ func toUserWithPermissionsResponse(user *users.UserInfoWithPermissions, userID s
 			for k, v := range operations {
 				access[string(k)] = v
 			}
-			permissions.Permissions[string(module)] = access
+			modules[string(module)] = access
 		}
+		permissions.Modules = &modules
 	}
 
 	response.Permissions = permissions