diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/ExternalLoginAuthenticationManager.java b/server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/ExternalLoginAuthenticationManager.java
index 676f5722ce2..3bd353fd43f 100644
--- a/server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/ExternalLoginAuthenticationManager.java
+++ b/server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/ExternalLoginAuthenticationManager.java
@@ -137,7 +137,7 @@ public Authentication authenticate(Authentication request) throws Authentication
             if (!isAddNewShadowUser()) {
                 throw new AccountNotPreCreatedException("The user account must be pre-created. Please contact your system administrator.");
             }
-            publish(new NewUserAuthenticatedEvent(userFromRequest));
+            publish(new NewUserAuthenticatedEvent(userFromRequest.authorities(List.of())));
             try {
                 userFromDb = userDatabase.retrieveUserByName(userFromRequest.getUsername(), getOrigin());
             } catch (UsernameNotFoundException ex) {
diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/user/UaaUser.java b/server/src/main/java/org/cloudfoundry/identity/uaa/user/UaaUser.java
index 2b7120f61bb..2f9a51226b5 100644
--- a/server/src/main/java/org/cloudfoundry/identity/uaa/user/UaaUser.java
+++ b/server/src/main/java/org/cloudfoundry/identity/uaa/user/UaaUser.java
@@ -229,7 +229,7 @@ public UaaUser authorities(Collection<? extends GrantedAuthority> authorities) {
         if (!values.contains(UaaAuthority.UAA_USER)) {
             values.add(UaaAuthority.UAA_USER);
         }
-        return new UaaUser(id, username, getPassword(), email, values, givenName, familyName, created, modified, origin, externalId, verified, zoneId, salt, passwordLastModified);
+        return new UaaUser(new UaaUserPrototype(this).withAuthorities(values));
     }
 
     @Override