diff --git a/authhub/src/main/java/com/networknt/oauth/auth/DefaultAuthenticator.java b/authhub/src/main/java/com/networknt/oauth/auth/DefaultAuthenticator.java
index df6868d5..80113021 100644
--- a/authhub/src/main/java/com/networknt/oauth/auth/DefaultAuthenticator.java
+++ b/authhub/src/main/java/com/networknt/oauth/auth/DefaultAuthenticator.java
@@ -17,6 +17,7 @@
 import java.security.spec.InvalidKeySpecException;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.Set;
 
 public class DefaultAuthenticator extends AuthenticatorBase<DefaultAuth> {
@@ -63,7 +64,7 @@ private Account getAccount(final String id) {
         IMap<String, User> users = CacheStartupHookProvider.hz.getMap("users");
         if (users.containsKey(id)) {
             return new Account() {
-                private Set<String> roles = Collections.emptySet();
+                private Set<String> roles = parseRoles(users.get(id).getRoles());
                 private final Principal principal = () -> id;
                 @Override
                 public Principal getPrincipal() {
@@ -75,4 +76,21 @@ public Principal getPrincipal() {
         }
         return null;
     }
+
+    public Set<String> parseRoles(String roles) {
+        Set<String> set = Collections.EMPTY_SET;
+        if(roles != null) {
+            // remove the leading and trailing spaces.
+            roles = roles.trim();
+            if(roles.contains(" ")) {
+                // multiple roles in a format separated by " ".
+                set = new HashSet<>(Arrays.asList(roles.split("\\s+")));
+            } else {
+                // only one role is available
+                set = new HashSet<>();
+                set.add(roles);
+            }
+        }
+        return set;
+    }
 }
diff --git a/authhub/src/test/java/com/networknt/oauth/auth/DefaultAuthenticatorTest.java b/authhub/src/test/java/com/networknt/oauth/auth/DefaultAuthenticatorTest.java
new file mode 100644
index 00000000..bef09b31
--- /dev/null
+++ b/authhub/src/test/java/com/networknt/oauth/auth/DefaultAuthenticatorTest.java
@@ -0,0 +1,26 @@
+package com.networknt.oauth.auth;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class DefaultAuthenticatorTest {
+
+    // The method is a private method and this test is only working when the method is modified
+    // as public method. That is why this method is commented out.
+    //@Test
+    public void testParseRoles() {
+        String r0 = null;
+        String r1 = "admin";
+        String r2 = "admin user";
+        String r3 = "admin user     manager";
+        String r4 = " admin       user ";
+        DefaultAuthenticator authenticator = new DefaultAuthenticator();
+
+        Assert.assertTrue(authenticator.parseRoles(r0).isEmpty());
+        Assert.assertEquals(1, authenticator.parseRoles(r1).size());
+        Assert.assertEquals(2, authenticator.parseRoles(r2).size());
+        Assert.assertEquals(3, authenticator.parseRoles(r3).size());
+        Assert.assertEquals(2, authenticator.parseRoles(r4).size());
+    }
+
+}