diff --git a/mod/user/auth.js b/mod/user/auth.js
index b258e7324..0b7067e99 100644
--- a/mod/user/auth.js
+++ b/mod/user/auth.js
@@ -43,6 +43,7 @@ The auth method checks either the request parameter token or user.session if ena
 @property {Object} [headers.authorization] User authorization object.
 @property {Object} req.params Request parameters.
 @property {string} [params.token] JWT.
+@property {string} [params.roles] An admin user may provide a comma seperated strings as roles param to test requests.
 @property {Object} [req.cookies] Request cookies.
 @returns {Promise} Method resolves to either a user object or Error
@@ -94,6 +95,12 @@ module.exports = async function auth(req, res) {
 return sessionCheck
 }
+ // Assign roles from request param for admin user.
+ if (user?.admin === true && req.params.roles) {
+
+ user.roles = req.params.roles.split(',')
+ }
+
 return user
 }
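Review bot: The new `@property` line for `params.roles` does not say that the supplied list replaces the roles on the authenticated user for that request, which is what the code added in the second hunk does, and "seperated" is misspelled. Suggested wording: `@property {string} [params.roles] Comma separated roles which replace user.roles for this request; only honoured when user.admin is true.` Being explicit matters here because the parameter changes the authorization context of a request.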
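Review bot: In the added block, `req.params.roles.split(',')` assumes the parameter is a string; if the request parser can deliver an array or object here (for example from a repeated `roles` key; the parsing is outside this hunk), the call throws inside `auth` rather than returning a user or an Error. Guard the type and normalise the entries: `if (user?.admin === true && typeof req.params.roles === 'string') {` and `user.roles = req.params.roles.split(',').map((role) => role.trim()).filter(Boolean)`. The assignment also overwrites the roles that came with the authenticated `user` object, so confirm that nothing later re-signs or stores `user`, and consider logging the override since it is a test aid on a production auth path. The body of `auth` starts above this hunk.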