diff --git a/src/Controller/Administration/RoleController.php b/src/Controller/Administration/RoleController.php
new file mode 100644
index 0000000..d6d3840
--- /dev/null
+++ b/src/Controller/Administration/RoleController.php
@@ -0,0 +1,67 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Controller\Administration;
+
+use App\Form\RoleType;
+use App\Repository\UserEntityRepository;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Attribute\Route;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+
+class RoleController extends AbstractController
+{
+    #[Route('/admin/role', name: 'admin_roles')]
+    public function index(): Response
+    {
+        $form = $this->createForm(RoleType::class);
+
+        return $this->render('admin/roles.html.twig', [
+            'form' => $form->createView(),
+        ]);
+    }
+
+    /**
+     * Add a role to current user as submitted in a form
+     */
+    #[Route('/admin/role/add', name: 'admin_roles_add')]
+    public function addRole(Request $request, UserEntityRepository $userRepository, EntityManagerInterface $em, TokenStorageInterface $tokenStorage): Response
+    {
+        // get role from request and add to current user's roles and save to db
+        $npub = $this->getUser()->getUserIdentifier();
+
+        $form = $this->createForm(RoleType::class);
+        $form->handleRequest($request);
+
+        if (!$form->isSubmitted() || !$form->isValid()) {
+            return $this->render('admin/roles.html.twig', [
+                'form' => $form->createView(),
+            ]);
+        }
+
+        $role = $form->get('role')->getData();
+        $user = $userRepository->findOneBy(['npub' => $npub]);
+        $user->addRole($role);
+        $em->persist($user);
+        $em->flush();
+
+        // regenerate token with new roles
+        // Refresh the user token after update
+        $token = $tokenStorage->getToken();
+        if ($token) {
+            $token->setUser($user);
+            $tokenStorage->setToken($token);
+        }
+
+        // add a flash message
+        $this->addFlash('success', 'Role added to user');
+
+        return $this->render('admin/roles.html.twig', [
+            'form' => $form->createView(),
+        ]);
+    }
+}
diff --git a/src/Form/RoleType.php b/src/Form/RoleType.php
new file mode 100644
index 0000000..e8ff869
--- /dev/null
+++ b/src/Form/RoleType.php
@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Form;
+
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Core\Type\SubmitType;
+use Symfony\Component\Form\Extension\Core\Type\TextType;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+
+
+class RoleType extends AbstractType
+{
+
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        $builder
+            ->setAction('/admin/role/add')
+            ->add('role', TextType::class, [
+                'required' => true,
+            ])
+            ->add('submit', SubmitType::class, [
+                'label' => 'Add Role',
+            ])
+        ;
+    }
+
+    public function configureOptions(OptionsResolver $resolver)
+    {
+    }
+}
diff --git a/templates/admin/roles.html.twig b/templates/admin/roles.html.twig
new file mode 100644
index 0000000..a3cd83d
--- /dev/null
+++ b/templates/admin/roles.html.twig
@@ -0,0 +1,17 @@
+{% extends 'base.html.twig' %}
+
+{% block body %}
+    <h1>{{ 'heading.roles'|trans }}</h1>
+
+    {# Flash messages for feedback #}
+    {% for message in app.flashes('success') %}
+        <div class="alert alert-success">
+            {{ message }}
+        </div>
+    {% endfor %}
+
+    {# Form for adding a new role #}
+    {{ form_start(form) }}
+    {{ form_widget(form) }}
+
+{% endblock %}
diff --git a/translations/messages.en.yaml b/translations/messages.en.yaml
index 4574c77..3b016ea 100644
--- a/translations/messages.en.yaml
+++ b/translations/messages.en.yaml
@@ -1,2 +1,4 @@
 text:
     byline: 'By'
+heading:
+    roles: 'Roles'