diff --git a/pages/api/users/[id]/role.ts b/pages/api/users/[id]/role.ts
new file mode 100644
index 00000000..aab90ebd
--- /dev/null
+++ b/pages/api/users/[id]/role.ts
@@ -0,0 +1,73 @@
+import { UserRole } from '@prisma/client';
+import { NextApiRequestQueryBody } from 'interface/api/nextApi';
+import { checkPermission } from 'lib/auth';
+import { UmamiApi } from 'lib/constants';
+import { uuid } from 'lib/crypto';
+import { useAuth } from 'lib/middleware';
+import { NextApiResponse } from 'next';
+import { badRequest, methodNotAllowed, ok, unauthorized } from 'next-basics';
+import { createUserRole, deleteUserRole, getUserRole, getUserRoles } from 'queries';
+
+export interface UserRoleRequestQuery {
+ id: string;
+}
+
+export interface UserRoleRequestBody {
+ roleId: string;
+ teamId?: string;
+ userRoleId?: string;
+}
+
+export default async (
+ req: NextApiRequestQueryBody,
+ res: NextApiResponse,
+) => {
+ await useAuth(req, res);
+
+ const {
+ user: { id: userId },
+ } = req.auth;
+ const { id } = req.query;
+
+ if (id !== userId || !(await checkPermission(req, UmamiApi.Permission.Admin))) {
+ return unauthorized(res);
+ }
+
+ if (req.method === 'GET') {
+ const userRole = await getUserRoles({ userId: id });
+
+ return ok(res, userRole);
+ }
+
+ if (req.method === 'POST') {
+ const { roleId, teamId } = req.body;
+
+ // Check when userRolename changes
+ const userRole = getUserRole({ userId: id, roleId, teamId });
+
+ if (userRole) {
+ return badRequest(res, 'Role already exists for User.');
+ }
+
+ const updated = await createUserRole({ id: uuid(), userId: id, roleId, teamId });
+
+ return ok(res, updated);
+ }
+
+ if (req.method === 'DELETE') {
+ const { userRoleId } = req.body;
+
+ // Check when userRolename changes
+ const userRole = getUserRole({ id: userRoleId });
+
+ if (userRole) {
+ return badRequest(res, 'Role already exists for User.');
+ }
+
+ const updated = await deleteUserRole(userRoleId);
+
+ return ok(res, updated);
+ }
+
+ return methodNotAllowed(res);
+};
diff --git a/queries/admin/userRole.ts b/queries/admin/userRole.ts
index ee2a1a2f..b93b1042 100644
--- a/queries/admin/userRole.ts
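Review bot: Both `getUserRole(...)` calls in the POST and DELETE branches are missing `await`, so `userRole` is a Promise, `if (userRole)` is always true, and every request ends in 'Role already exists for User.' without reaching `createUserRole` or `deleteUserRole`. Once awaited, the DELETE check is also inverted (it should reject when the assignment is not found) and it looks up `userRoleId` alone; scoping it to the `id` in the route keeps one user's assignment from being removed through another user's URL, assuming `getUserRole` takes a where-style filter as its call sites suggest. Separately, the guard `id !== userId || !(await checkPermission(...))` only admits a caller who is both the target user and an admin; if self-or-admin was intended, relax it for GET only and keep POST and DELETE admin-only, otherwise a non-admin could assign roles to themselves. `roleId`, `teamId` and `userRoleId` from `req.body` also reach the queries without validation.

```typescript
  if (req.method === 'POST') {
    const { roleId, teamId } = req.body;

    // Await the lookup: an unresolved Promise is always truthy.
    const userRole = await getUserRole({ userId: id, roleId, teamId });
    // … unchanged: 'Role already exists' response, createUserRole call …

  if (req.method === 'DELETE') {
    const { userRoleId } = req.body;

    // Scope the lookup to the user in the route so only that user's assignment can be removed.
    const userRole = await getUserRole({ id: userRoleId, userId: id });

    if (!userRole) {
      return badRequest(res, 'Role does not exist for User.');
    }
    // … unchanged: deleteUserRole call …
```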
+++ b/queries/admin/userRole.ts
@@ -21,6 +21,15 @@ export async function getUserRoles(where: Prisma.UserRoleWhereInput): Promise {
+ return prisma.client.userRole.findMany({
+ where: {
+ userId,
+ teamId,
+ },
+ });
+}
+
 export async function updateUserRole(
 data: Prisma.UserRoleUpdateInput,
 where: Prisma.UserRoleWhereUniqueInput,
diff --git a/queries/index.js b/queries/index.js
index e14c6d84..1a029edb 100644
--- a/queries/index.js
+++ b/queries/index.js
@@ -2,10 +2,8 @@ export * from './admin/permission';
 export * from './admin/role';
 export * from './admin/team';
 export * from './admin/teamUser';
-export * from './admin/teamWebsite';
 export * from './admin/user';
 export * from './admin/userRole';
-export * from './admin/userWebsite';
 export * from './admin/website';
 export * from './analytics/event/getEventMetrics';
 export * from './analytics/event/getEvents';
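Review bot: In the `findMany` added to queries/admin/userRole.ts, `where: { userId, teamId }` widens silently if either value is `undefined`, because Prisma treats an undefined filter field as absent; the query would then return the user's roles across every team, or every user's roles in a team. The function's signature is not visible on this page, so confirm that both parameters are required strings or reject missing values before the query runs. A short doc comment stating that the result is scoped to one user within one team would make that contract explicit for callers that use it in permission checks.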