diff --git a/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts b/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
index ce2aee2..acf1633 100644
--- a/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
+++ b/packages/services/auth-service/src/interfaces/rest/controllers/tenant.controller.ts
@@ -159,7 +159,7 @@ export class TenantController {
    * GET /api/v1/admin/tenants/:id/members
    */
   @Get(':id/members')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async listMembers(@Param('id') id: string) {
     const tenant = await this.findTenantOrFail(id);
     const schemaName = `it0_t_${tenant.slug}`;
@@ -186,7 +186,7 @@ export class TenantController {
    * PATCH /api/v1/admin/tenants/:id/members/:memberId
    */
   @Patch(':id/members/:memberId')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async updateMember(
     @Param('id') tenantId: string,
     @Param('memberId') memberId: string,
@@ -259,7 +259,7 @@ export class TenantController {
    * DELETE /api/v1/admin/tenants/:id/members/:memberId
    */
   @Delete(':id/members/:memberId')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async removeMember(
     @Param('id') tenantId: string,
     @Param('memberId') memberId: string,
@@ -296,7 +296,7 @@ export class TenantController {
    * GET /api/v1/admin/tenants/:id/invites
    */
   @Get(':id/invites')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async listInvites(@Param('id') id: string) {
     const tenant = await this.findTenantOrFail(id);
     const invites = await this.authService.listInvites(tenant.slug);
@@ -315,7 +315,7 @@ export class TenantController {
    * POST /api/v1/admin/tenants/:id/invites
    */
   @Post(':id/invites')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async createInvite(
     @Param('id') id: string,
     @Body() body: { email: string; role?: string },
@@ -343,7 +343,7 @@ export class TenantController {
    * DELETE /api/v1/admin/tenants/:id/invites/:inviteId
    */
   @Delete(':id/invites/:inviteId')
-  @Roles('admin')
+  @Roles('admin', 'platform_admin', 'platform_super_admin')
   async revokeInvite(
     @Param('id') id: string,
     @Param('inviteId') inviteId: string,