diff --git a/src/main/java/edu/tamu/scholars/middleware/config/WebSecurityConfig.java b/src/main/java/edu/tamu/scholars/middleware/config/WebSecurityConfig.java
index 9f67ec28a..2e677ae48 100644
--- a/src/main/java/edu/tamu/scholars/middleware/config/WebSecurityConfig.java
+++ b/src/main/java/edu/tamu/scholars/middleware/config/WebSecurityConfig.java
@@ -152,7 +152,6 @@ public CookieSerializer cookieSerializer() {
         serializer.setCookiePath("/");
         serializer.setCookieName("SESSION");
         serializer.setDomainName(domainName);
-
         return serializer;
     }
 
@@ -174,10 +173,14 @@ protected SecurityFilterChain configure(HttpSecurity http) throws Exception {
                     "/directoryViews/{id}",
                     "/discoveryViews/{id}",
                     "/displayViews/{id}",
-                    "/themes/{id}",
-                    "/users/{id}")
+                    "/themes/{id}"
+                    )
                     .hasRole("ADMIN")
 
+                .antMatchers(PATCH,
+                    "/users/{id}"
+                ).hasRole("SUPER_ADMIN")
+
                 .antMatchers(POST,
                     "/registration")
                     .permitAll()