diff --git a/Directory.Build.props b/Directory.Build.props
index 8121c48..32df56e 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -1,7 +1,7 @@
 <Project>
   <Import Project="dependencies.props" />
   <PropertyGroup>
-    <Version>1.2.4</Version>
+    <Version>1.2.5</Version>
     <Authors>Tudor Stanciu</Authors>
     <Company>STA</Company>
     <PackageTags>NetworkResurrector</PackageTags>
diff --git a/ReleaseNotes.xml b/ReleaseNotes.xml
index 794d5ed..e118a34 100644
--- a/ReleaseNotes.xml
+++ b/ReleaseNotes.xml
@@ -170,4 +170,13 @@
 	  • The "Netmash.Security.Authentication.Tuitio" nuget package has been upgraded in backend.
     </Content>
   </Note>
+  <Note>
+    <Version>1.2.5</Version>
+    <Date>2023-04-12 23:58</Date>
+    <Content>
+      Permissions and authorizations
+      • Permissions and authorizations at the user role level have been added to the application.
+	  • The "Netmash.Security.Authentication.Tuitio" nuget package has been upgraded in backend.
+    </Content>
+  </Note>
 </ReleaseNotes>
\ No newline at end of file
diff --git a/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj b/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj
index ecc6078..86dec0b 100644
--- a/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj
+++ b/src/api/NetworkResurrector.Api.Domain.Data/NetworkResurrector.Api.Domain.Data.csproj
@@ -22,6 +22,12 @@
     <None Update="Scripts\1.0.3\02.Insert wake and ping configs for the rest of machines.sql">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
+    <None Update="Scripts\1.2.5\01.Permission tables.sql">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+    <None Update="Scripts\1.2.5\02.UserRoleAuthorization table.sql">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
   </ItemGroup>
 
 </Project>
diff --git a/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/01.Permission tables.sql b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/01.Permission tables.sql
new file mode 100644
index 0000000..f4ecabe
--- /dev/null
+++ b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/01.Permission tables.sql	
@@ -0,0 +1,46 @@
+if not exists (select top 1 1 from sys.objects where name = 'Permission' and type = 'U')
+begin
+	create table Permission
+	(
+		PermissionId int identity(1, 1) constraint PK_Permission primary key,
+		PermissionCode varchar(50) not null,
+		PermissionName varchar(100) not null,
+		PermissionDescription varchar(300) not null
+	)
+end
+
+if not exists (select top 1 1 from sys.objects where name = 'PermissionHierarchy' and type = 'U')
+begin
+	create table PermissionHierarchy
+	(
+		ParentPermissionId int not null constraint FK_PermissionHierarchy_Permission_Parent foreign key references Permission(PermissionId),
+		ChildPermissionId int not null constraint FK_PermissionHierarchy_Permission_Child foreign key references Permission(PermissionId)
+		constraint PK_PermissionHierarchy primary key (ParentPermissionId, ChildPermissionId)
+	)
+end
+
+if not exists (select top 1 1 from Permission)
+begin
+	insert into Permission(PermissionCode, PermissionName, PermissionDescription)
+	values ('VIEW_DASHBOARD', 'View dashboard', 'The user with this permission can view the dashboard.'),
+           ('MANAGE_USERS', 'Manage users', 'The user with this permission can assign permissions to users.'),
+           ('MANAGE_SETTINGS', 'Manage settings', 'The user with this permission can manage the application settings.'),
+           ('VIEW_MACHINES', 'View machines', 'The user with this permission can view machines. He cannot start or stop a machine.'),
+           ('MANAGE_MACHINES', 'Manage machines', 'The user with this permission can add, edit or delete machines.'),
+		   ('OPERATE_MACHINES', 'Operate machines', 'The user with this permission can operate machines. He can start or stop machines.'),
+		   ('GUEST_ACCESS', 'Guest access', 'The user with this permission can view the application in a read-only mode and with all data anonymized.')
+end
+
+if not exists (select top 1 1 from PermissionHierarchy)
+begin
+	declare @view_machines_permission_id int,
+			@manage_machines_permission_id int,
+			@operate_machines_permission_id int
+
+	select @view_machines_permission_id = PermissionId from Permission where PermissionCode = 'VIEW_MACHINES'
+	select @manage_machines_permission_id = PermissionId from Permission where PermissionCode = 'MANAGE_MACHINES'
+	select @operate_machines_permission_id = PermissionId from Permission where PermissionCode = 'OPERATE_MACHINES'
+
+	insert into PermissionHierarchy (ParentPermissionId, ChildPermissionId)
+	values (@manage_machines_permission_id, @view_machines_permission_id), (@operate_machines_permission_id, @view_machines_permission_id)
+end
\ No newline at end of file
diff --git a/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/02.UserRoleAuthorization table.sql b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/02.UserRoleAuthorization table.sql
new file mode 100644
index 0000000..400f159
--- /dev/null
+++ b/src/api/NetworkResurrector.Api.Domain.Data/Scripts/1.2.5/02.UserRoleAuthorization table.sql	
@@ -0,0 +1,10 @@
+if not exists (select top 1 1 from sys.objects where name = 'UserRoleAuthorization' and type = 'U')
+begin
+	create table UserRoleAuthorization
+	(
+		UserRoleId int not null,
+		PermissionId int not null constraint FK_UserRoleAuthorization_Permission foreign key references Permission(PermissionId),
+		Active bit not null,
+		constraint PK_UserRoleAuthorization primary key (PermissionId, UserRoleId)
+	)
+end
\ No newline at end of file