diff --git a/internal/auth/proxy.go b/internal/auth/proxy.go
index 881d0352..10a4b910 100644
--- a/internal/auth/proxy.go
+++ b/internal/auth/proxy.go
@@ -48,7 +48,10 @@ func (p *proxyAuthContext) AuthMiddleware(next http.Handler) http.Handler {
 			if err != nil {
 				log.Fatal().Str("filter", r.Header.Get(p.headerFilter)).Msg("Failed to parse container filter")
 			}
-			userRoles := ParseRole(r.Header.Get(p.headerRoles))
+			userRoles := All
+			if r.Header.Get(p.headerRoles) != "" {
+				userRoles = ParseRole(r.Header.Get(p.headerRoles))
+			}
 			user := newUser(r.Header.Get(p.headerUser), r.Header.Get(p.headerEmail), r.Header.Get(p.headerName), containerFilter, userRoles)
 			ctx := context.WithValue(r.Context(), remoteUser, user)
 			next.ServeHTTP(w, r.WithContext(ctx))