diff --git a/src/main/kotlin/com/cosmotech/api/rbac/RolesDefinition.kt b/src/main/kotlin/com/cosmotech/api/rbac/RolesDefinition.kt
index 526db980..97d2227d 100644
--- a/src/main/kotlin/com/cosmotech/api/rbac/RolesDefinition.kt
+++ b/src/main/kotlin/com/cosmotech/api/rbac/RolesDefinition.kt
@@ -22,6 +22,8 @@ const val PERMISSION_DELETE = "delete"
 const val PERMISSION_LAUNCH = "launch"
 const val PERMISSION_VALIDATE = "validate"
 
+val NO_PERMISSIONS = emptyList<String>()
+
 val COMMON_ROLE_READER_PERMISSIONS = listOf(PERMISSION_READ)
 val COMMON_ROLE_USER_PERMISSIONS =
     listOf(PERMISSION_READ, PERMISSION_READ_SECURITY, PERMISSION_CREATE_CHILDREN)
@@ -92,6 +94,7 @@ fun getCommonRolesDefinition(): RolesDefinition {
   return RolesDefinition(
       permissions =
           mutableMapOf(
+              ROLE_NONE to NO_PERMISSIONS,
               ROLE_VIEWER to COMMON_ROLE_READER_PERMISSIONS,
               ROLE_USER to COMMON_ROLE_USER_PERMISSIONS,
               ROLE_EDITOR to COMMON_ROLE_EDITOR_PERMISSIONS,
@@ -104,6 +107,7 @@ fun getScenarioRolesDefinition(): RolesDefinition {
   return RolesDefinition(
       permissions =
           mutableMapOf(
+              ROLE_NONE to NO_PERMISSIONS,
               ROLE_VIEWER to SCENARIO_ROLE_VIEWER_PERMISSIONS,
               ROLE_EDITOR to SCENARIO_ROLE_EDITOR_PERMISSIONS,
               ROLE_VALIDATOR to SCENARIO_ROLE_VALIDATOR_PERMISSIONS,
diff --git a/src/test/kotlin/com/cosmotech/api/rbac/CsmRbacTests.kt b/src/test/kotlin/com/cosmotech/api/rbac/CsmRbacTests.kt
index a492ed5f..1fae1bd1 100644
--- a/src/test/kotlin/com/cosmotech/api/rbac/CsmRbacTests.kt
+++ b/src/test/kotlin/com/cosmotech/api/rbac/CsmRbacTests.kt
@@ -634,6 +634,7 @@ class CsmRbacTests {
   fun `get default role definition permissions`() {
     val expected: MutableMap<String, List<String>> =
         mutableMapOf(
+            ROLE_NONE to NO_PERMISSIONS,
             ROLE_VIEWER to COMMON_ROLE_READER_PERMISSIONS,
             ROLE_USER to COMMON_ROLE_USER_PERMISSIONS,
             ROLE_EDITOR to COMMON_ROLE_EDITOR_PERMISSIONS,
@@ -655,6 +656,7 @@ class CsmRbacTests {
     definition.permissions.put(customRole, customRolePermissions)
     val expected: MutableMap<String, List<String>> =
         mutableMapOf(
+            ROLE_NONE to NO_PERMISSIONS,
             ROLE_VIEWER to COMMON_ROLE_READER_PERMISSIONS,
             ROLE_USER to COMMON_ROLE_USER_PERMISSIONS,
             ROLE_EDITOR to COMMON_ROLE_EDITOR_PERMISSIONS,