diff --git a/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts b/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
index 6dd0c79582..d5ed6a9c33 100644
--- a/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
+++ b/packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
@@ -180,8 +180,8 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
 }
 function getUserRoleForScope(user: any, scope: string) {
- if (scope === 'project' || scope === 'workspace') {
- return user?.project_roles || user?.workspace_roles;
+ if (scope === 'project') {
+ return user?.project_roles;
 } else if (scope === 'org') {
 return user?.roles;
 }
diff --git a/packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts b/packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts
index c453ec90ae..331d805ed3 100644
--- a/packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts
+++ b/packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts
@@ -1,5 +1,6 @@
 import { Injectable } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
+import { extractRolesObj, ProjectRoles } from 'nocodb-sdk';
 import { Strategy } from 'passport-custom';
 import { ApiToken, ProjectUser, User } from '~/models';
 import { sanitiseUserObj } from '~/utils';
@@ -16,9 +17,12 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
 return callback({ msg: 'Invalid token' });
 }
- user = {};
+ user = {
+ is_api_token: true,
+ };
+
 if (!apiToken.fk_user_id) {
- user.roles = 'editor';
+ user.project_roles = extractRolesObj(ProjectRoles.EDITOR);
 return callback(null, user);
 }
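Review bot: In `getUserRoleForScope` (extract-ids.middleware.ts), `scope` is still typed as a free `string`, so a caller that keeps passing `'workspace'` now matches neither visible branch and what it gets back depends on code outside this hunk. Narrowing the parameter, e.g. `function getUserRoleForScope(user: any, scope: 'project' | 'org') {`, would turn a leftover `'workspace'` call into a compile error instead of a silent role-lookup miss. If the function can fall off the end, a comment such as `// unknown scope: no roles returned, caller must deny` would document the fail-closed expectation. The function body continues past the last context line.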
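Review bot: In the `@@ -16,9 +17,12 @@` hunk of authtoken.strategy.ts, a token with no `fk_user_id` is assigned `ProjectRoles.EDITOR` in `project_roles` and returned before `req['ncProjectId']` is consulted, so as far as these lines show the editor role is not bound to any particular project. If the token record carries a project or base identifier, it should be compared with the request's project before the role is assigned; otherwise a comment like `// user-less token: editor on any project, by design` should state that this is intended. This early return also passes `user` without `sanitiseUserObj`, unlike the later return; that is harmless with the two fields set here but inconsistent. The enclosing method starts and ends outside the hunk.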
@@ -29,17 +33,18 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
 Object.assign(user, {
 id: dbUser.id,
- roles: dbUser.roles,
+ roles: extractRolesObj(dbUser.roles),
 });
- dbUser.is_api_token = true;
 if (req['ncProjectId']) {
 const projectUser = await ProjectUser.get(
 req['ncProjectId'],
 dbUser.id,
 );
- user.roles = projectUser?.roles || dbUser.roles;
- user.roles = user.roles === 'owner' ? 'owner,creator' : user.roles;
+ user.project_roles = extractRolesObj(projectUser?.roles);
+ if (user.project_roles.owner) {
+ user.project_roles.creator = true;
+ }
 return callback(null, sanitiseUserObj(user));
 }
 }
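Review bot: `user.project_roles.owner` is read immediately after `extractRolesObj(projectUser?.roles)`, and the optional chaining on `projectUser` shows it can be missing, presumably when the token's user is not a member of the requested project. If `extractRolesObj` returns null or undefined for missing input, that access throws inside the async strategy instead of producing a clean denial; `if (user.project_roles?.owner) {` avoids it. The removed `|| dbUser.roles` fallback means a non-member no longer inherits org-level roles as project roles, which looks intended and deserves a one-line comment such as `// no project membership: no project roles (no fallback to org roles)`. The enclosing method starts outside the hunk.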