diff --git a/app/save-and-restore/model/src/main/java/org/phoebus/applications/saveandrestore/model/UserData.java b/app/save-and-restore/model/src/main/java/org/phoebus/applications/saveandrestore/model/UserData.java
new file mode 100644
index 0000000000..97c5cfd91c
--- /dev/null
+++ b/app/save-and-restore/model/src/main/java/org/phoebus/applications/saveandrestore/model/UserData.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2020 European Spallation Source ERIC.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+package org.phoebus.applications.saveandrestore.model;
+
+import java.util.List;
+
+/**
+ * Simple pojo used to convey username and list of roles to a client upon
+ * login or explicit request.
+ */
+public class UserData {
+
+ private String userName;
+ private List roles;
+
+ public UserData(){
+
+ }
+
+ public UserData(String userName, List roles){
+ this.userName = userName;
+ this.roles = roles;
+ }
+
+ public String getUserName() {
+ return userName;
+ }
+
+ public void setUserName(String userName) {
+ this.userName = userName;
+ }
+
+ public List getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List roles) {
+ this.roles = roles;
+ }
+}
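Review bot: `getRoles()` can return `null`, because the no-argument constructor leaves `roles` unset and neither the two-argument constructor nor `setRoles` guards against a null argument. A client that iterates the roles of a `UserData` built from a response without that field would fail at that point; initialising the field to an empty list at its declaration and storing `roles == null ? List.of() : List.copyOf(roles)` in the constructor and setter avoids both the null and later mutation through the caller's list. The class Javadoc could also state that the role names are informational for the client (for example to enable or hide UI actions) and that access decisions are still made by the service on each request.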
diff --git a/services/save-and-restore/src/main/java/org/phoebus/service/saveandrestore/web/controllers/AuthenticationController.java b/services/save-and-restore/src/main/java/org/phoebus/service/saveandrestore/web/controllers/AuthenticationController.java
index 4ea7d8ecdb..7a87af6a8e 100644
--- a/services/save-and-restore/src/main/java/org/phoebus/service/saveandrestore/web/controllers/AuthenticationController.java
+++ b/services/save-and-restore/src/main/java/org/phoebus/service/saveandrestore/web/controllers/AuthenticationController.java
@@ -20,6 +20,7 @@
 package org.phoebus.service.saveandrestore.web.controllers;
 import org.phoebus.applications.saveandrestore.model.LoginCredentials;
+import org.phoebus.applications.saveandrestore.model.UserData;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -27,12 +28,15 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.stream.Collectors;
 /**
 * Controller class for user authentication endpoints.
@@ -51,15 +55,21 @@ public class AuthenticationController extends BaseController { * @return A {@link ResponseEntity} indicating the outcome, e.g. OK (200) or UNAUTHORIZED (401) */ @PostMapping(value = "login") - public ResponseEntity login(@RequestBody LoginCredentials loginCredentials) { + public ResponseEntity login(@RequestBody LoginCredentials loginCredentials) { Authentication authentication = new UsernamePasswordAuthenticationToken(loginCredentials.username(), loginCredentials.password()); try { - authenticationManager.authenticate(authentication); + authentication = authenticationManager.authenticate(authentication); } catch (AuthenticationException e) { Logger.getLogger(AuthenticationController.class.getName()).log(Level.WARNING, "Unable to authenticate user " + loginCredentials.username(), e); - return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); + return new ResponseEntity<>( + null, + HttpStatus.UNAUTHORIZED); } - return new ResponseEntity<>(HttpStatus.OK); + List roles = authentication.getAuthorities().stream() + .map(GrantedAuthority::getAuthority).collect(Collectors.toList()); + return new ResponseEntity<>( + new UserData(loginCredentials.username(), roles), + HttpStatus.OK); } }
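Review bot: The `UserData` returned on success takes its name from `loginCredentials.username()`, the string the client submitted, rather than from the `Authentication` object that `authenticationManager.authenticate(...)` returned and that the roles are read from. If the configured authentication provider normalises or maps the login name (not visible in this hunk), the client is told an identity that differs from the one the authorities were resolved for; `new UserData(authentication.getName(), roles)` keeps the name and the roles tied to the same authenticated token. The `@return` line of the Javadoc in the hunk's context still describes only a status code and could say that a 200 response carries a `UserData` body with the user's role names while a 401 response has no body. The Javadoc block for `login` opens above this hunk.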