diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
index 8e9ba837f..1475a37b8 100644
--- a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
+++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py
@@ -538,6 +538,12 @@ class AuthorizationService:
         for permission in ["create", "read", "update", "delete"]:
             permissions_to_assign.append(PermissionToAssign(permission=permission, target_uri="/secrets/*"))
 
+        permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentication/configuration"))
+        permissions_to_assign.append(PermissionToAssign(permission="read", target_uri="/authentication_begin/*"))
+        permissions_to_assign.append(
+            PermissionToAssign(permission="update", target_uri="/authentication/configuration")
+        )
+
         return permissions_to_assign
 
     @classmethod
diff --git a/spiffworkflow-backend/tests/spiffworkflow_backend/unit/test_authorization_service.py b/spiffworkflow-backend/tests/spiffworkflow_backend/unit/test_authorization_service.py
index 1c86defc1..876aa49ab 100644
--- a/spiffworkflow-backend/tests/spiffworkflow_backend/unit/test_authorization_service.py
+++ b/spiffworkflow-backend/tests/spiffworkflow_backend/unit/test_authorization_service.py
@@ -508,6 +508,9 @@ class TestAuthorizationService(BaseTest):
         return sorted(
             self._expected_support_permissions()
             + [
+                ("/authentication/configuration", "read"),
+                ("/authentication/configuration", "update"),
+                ("/authentication_begin/*", "read"),
                 ("/secrets/*", "create"),
                 ("/secrets/*", "delete"),
                 ("/secrets/*", "read"),