diff --git a/packages/backend/src/main.ts b/packages/backend/src/main.ts
index 414d14f..cfd6e60 100644
--- a/packages/backend/src/main.ts
+++ b/packages/backend/src/main.ts
@@ -37,8 +37,10 @@ import { RbacService } from './services/rbac.service.js'
 import { ModuleService } from './services/module.service.js'
 import { AppConfigService } from './services/config.service.js'
 import { SettingsService } from './services/settings.service.js'
+import { eq } from 'drizzle-orm'
 import { users } from './db/schema/users.js'
 import { companies } from './db/schema/stores.js'
+import { roles, userRoles } from './db/schema/rbac.js'
 import { EmailService } from './services/email.service.js'
 import bcrypt from 'bcryptjs'
 
@@ -55,6 +57,13 @@ async function seedInitialUser(app: Awaited<ReturnType<typeof buildApp>>) {
   const tempPassword = crypto.randomUUID()
   const passwordHash = await bcrypt.hash(tempPassword, 10)
   const [user] = await app.db.insert(users).values({ email, passwordHash, firstName, lastName, role: 'admin' }).returning({ id: users.id })
+
+  // Assign the Admin RBAC role
+  const [adminRole] = await app.db.select({ id: roles.id }).from(roles).where(eq(roles.name, 'Admin')).limit(1)
+  if (adminRole) {
+    await app.db.insert(userRoles).values({ userId: user.id, roleId: adminRole.id })
+  }
+
   app.log.info({ email }, 'Initial admin user created')
 
   // Send welcome email with password setup link