diff --git a/src/ApiKernel.php b/src/ApiKernel.php
index b430ccb..2b6666a 100644
--- a/src/ApiKernel.php
+++ b/src/ApiKernel.php
@@ -1325,7 +1325,7 @@ class ApiKernel
 private function handleAccountProfileGet(): void
 {
- $user = $this->authService->requireAuth();
+ $user = $this->ensureAuthUserHydrated($this->authService->requireAuth());
 $customerId = (int)($user['customer_id'] ?? 0);
 $settings = $customerId ? $this->ensureSettingsTokens($customerId, $this->getCustomerSettings($customerId)) : [];
 $this->respond([
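Review bot: `ensureAuthUserHydrated()` is applied only at this one call site in `handleAccountProfileGet()`, so any other handler that calls `$this->authService->requireAuth()` and reads `role` or `permissions['owner']` from the returned array (if such handlers exist elsewhere in the file, which I cannot see) still gets the un-hydrated session and may make an authorization decision on missing data. If the goal is to make role/owner reliable for every caller, the hydration belongs inside `requireAuth()` or the auth service rather than on one read-only endpoint. A short comment on the changed line explaining why this endpoint in particular needs it, e.g. `// backfill role/owner from the DB for sessions created before those fields were stored`, would help the next reader; the motivation is inferred from the helper's behaviour, so adjust the wording to the real reason. `handleAccountProfileGet()`'s body continues outside the hunk.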
@@ -2016,6 +2016,59 @@ class ApiKernel
 ];
 }
+ private function ensureAuthUserHydrated(array $user): array
+ {
+ $role = (string)($user['role'] ?? '');
+ $hasOwnerFlag = isset($user['permissions']['owner']);
+ if ($role !== '' && $hasOwnerFlag) {
+ return $user;
+ }
+ $userId = (int)($user['id'] ?? 0);
+ if ($userId <= 0 || !$this->pdo) {
+ if ($role === '') $user['role'] = 'user';
+ if (!$hasOwnerFlag) {
+ $user['permissions']['owner'] = ($user['role'] ?? '') === 'owner';
+ }
+ return $user;
+ }
+
+ try {
+ $cols = $this->authUserColumns();
+ $table = $cols['table'];
+ $dbCols = $this->tableColumns($table);
+ $where = sprintf('`%s` = :id', $cols['col_id']);
+ $params = [':id' => $userId];
+ $customerId = (int)($user['customer_id'] ?? 0);
+ if ($customerId > 0 && $this->columnExists($dbCols, $cols['col_customer'])) {
+ $where .= sprintf(' AND `%s` = :cid', $cols['col_customer']);
+ $params[':cid'] = $customerId;
+ }
+ $sql = sprintf('SELECT `%s` FROM `%s` WHERE %s LIMIT 1', $cols['col_role'], $table, $where);
+ $stmt = $this->pdo->prepare($sql);
+ $stmt->execute($params);
+ $row = $stmt->fetch();
+ if ($row && isset($row[$cols['col_role']])) {
+ $roleValue = $this->sanitizeRole((string)$row[$cols['col_role']]);
+ $user['role'] = $roleValue;
+ $user['permissions']['owner'] = ($roleValue === 'owner');
+ $_SESSION['auth']['role'] = $roleValue;
+ $_SESSION['auth']['permissions']['owner'] = ($roleValue === 'owner');
+ } else {
+ if ($role === '') $user['role'] = 'user';
+ if (!$hasOwnerFlag) {
+ $user['permissions']['owner'] = ($user['role'] ?? '') === 'owner';
+ }
+ }
+ } catch (Throwable $e) {
+ if ($role === '') $user['role'] = 'user';
+ if (!$hasOwnerFlag) {
+ $user['permissions']['owner'] = ($user['role'] ?? '') === 'owner';
+ }
+ }
+
+ return $user;
+ }
+
 private function columnExists(array $columns, string $name): bool
 {
 if ($name === '') return false;
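Review bot: The early return `if ($role !== '' && $hasOwnerFlag) { return $user; }` means the database is consulted only when the session lacks role/owner data, so a role change made after login (for example revoking `owner`) is never picked up here and the stored session value is trusted as-is; either state that in a comment (`// backfill only: an already-populated session is not re-validated against the DB`) or drop the early return if the intent is to refresh privileges rather than backfill them. In the no-row branch and in `catch (Throwable $e)` the session-supplied role is kept without going through `sanitizeRole()`, unlike the DB path, and the exception is discarded without any logging, so a failing lookup in a privilege-related helper is invisible in production — at minimum log `$e` before falling back, and consider running the fallback role through `sanitizeRole()` too (its exact mapping is not visible here). `$stmt->fetch()` with no mode relies on the connection's default fetch mode yielding associative keys for `isset($row[$cols['col_role']])` to ever be true; `fetch(\PDO::FETCH_ASSOC)` makes that explicit. The default-role fallback is duplicated three times and could be one private helper, as sketched below.

```php
    // … unchanged: $role / $hasOwnerFlag setup and early return on a populated session …
    $userId = (int)($user['id'] ?? 0);
    if ($userId <= 0 || !$this->pdo) {
        return $this->applyRoleDefaults($user, $role, $hasOwnerFlag);
    }

    try {
        // … unchanged: column lookup and query building …
        $stmt->execute($params);
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        if ($row && isset($row[$cols['col_role']])) {
            // … unchanged: hydrate $user and $_SESSION from the DB role …
        } else {
            $user = $this->applyRoleDefaults($user, $role, $hasOwnerFlag);
        }
    } catch (Throwable $e) {
        // Never fail the request on a lookup error, but do not hide it either.
        error_log('ensureAuthUserHydrated: role lookup failed: ' . $e->getMessage());
        $user = $this->applyRoleDefaults($user, $role, $hasOwnerFlag);
    }

    return $user;
}

/**
 * Fallback when the DB could not supply a role: default an empty role to 'user'
 * and derive the owner flag from whatever role the array now carries.
 */
private function applyRoleDefaults(array $user, string $role, bool $hasOwnerFlag): array
{
    if ($role === '') {
        $user['role'] = 'user';
    }
    if (!$hasOwnerFlag) {
        $user['permissions']['owner'] = (($user['role'] ?? '') === 'owner');
    }
    return $user;
}
```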