diff --git a/src/main/java/org/ays/auth/util/exception/AysUserNotSuperAdminException.java b/src/main/java/org/ays/auth/util/exception/AysUserNotSuperAdminException.java
index ce9a94f40..79a524746 100644
--- a/src/main/java/org/ays/auth/util/exception/AysUserNotSuperAdminException.java
+++ b/src/main/java/org/ays/auth/util/exception/AysUserNotSuperAdminException.java
@@ -1,13 +1,13 @@
 package org.ays.auth.util.exception;
 
-import org.ays.common.util.exception.AysAuthException;
+import org.springframework.security.access.AccessDeniedException;
 
 import java.io.Serial;
 
 /**
  * Exception to be thrown when a user is not a super admin but tries to perform an action that requires super admin privileges.
  */
-public final class AysUserNotSuperAdminException extends AysAuthException {
+public final class AysUserNotSuperAdminException extends AccessDeniedException {
 
     /**
      * Unique identifier for serialization.
diff --git a/src/test/java/org/ays/auth/controller/AysRoleEndToEndTest.java b/src/test/java/org/ays/auth/controller/AysRoleEndToEndTest.java
index d8d5cb8be..12cda31dc 100644
--- a/src/test/java/org/ays/auth/controller/AysRoleEndToEndTest.java
+++ b/src/test/java/org/ays/auth/controller/AysRoleEndToEndTest.java
@@ -373,7 +373,7 @@ void givenValidRoleCreateRequest_whenRoleCreated_thenReturnSuccess() throws Exce
     }
 
     @Test
-    void givenRoleCreateRequest_whenRequestHasSuperPermissionsAndUserIsNotSuperAdmin_thenReturnBadRequestError() throws Exception {
+    void givenRoleCreateRequest_whenRequestHasSuperPermissionsAndUserIsNotSuperAdmin_thenReturnForbiddenError() throws Exception {
 
         // Initialize
         List<AysPermission> permissions = permissionReadPort.findAll();
@@ -392,11 +392,11 @@ void givenRoleCreateRequest_whenRequestHasSuperPermissionsAndUserIsNotSuperAdmin
         MockHttpServletRequestBuilder mockHttpServletRequestBuilder = AysMockMvcRequestBuilders
                 .post(endpoint, adminToken.getAccessToken(), createRequest);
 
-        AysErrorResponse mockErrorResponse = AysErrorResponseBuilder.BAD_REQUEST;
+        AysErrorResponse mockErrorResponse = AysErrorResponseBuilder.FORBIDDEN;
 
         aysMockMvc.perform(mockHttpServletRequestBuilder, mockErrorResponse)
                 .andExpect(AysMockResultMatchersBuilders.status()
-                        .isBadRequest())
+                        .isForbidden())
                 .andExpect(AysMockResultMatchersBuilders.subErrors()
                         .doesNotHaveJsonPath());
 
@@ -514,7 +514,7 @@ void givenValidRoleUpdateRequest_whenRoleUpdated_thenReturnSuccess() throws Exce
     }
 
     @Test
-    void givenValidIdAndRoleUpdateRequest_whenRequestHasSuperPermissionsAndUserIsNotSuperAdmin_thenReturnBadRequestError() throws Exception {
+    void givenValidIdAndRoleUpdateRequest_whenRequestHasSuperPermissionsAndUserIsNotSuperAdmin_thenReturnForbiddenError() throws Exception {
 
         // Initialize
         List<AysPermission> permissions = permissionReadPort.findAll();
@@ -543,11 +543,11 @@ void givenValidIdAndRoleUpdateRequest_whenRequestHasSuperPermissionsAndUserIsNot
         MockHttpServletRequestBuilder mockHttpServletRequestBuilder = AysMockMvcRequestBuilders
                 .put(endpoint, adminToken.getAccessToken(), updateRequest);
 
-        AysErrorResponse mockErrorResponse = AysErrorResponseBuilder.BAD_REQUEST;
+        AysErrorResponse mockErrorResponse = AysErrorResponseBuilder.FORBIDDEN;
 
         aysMockMvc.perform(mockHttpServletRequestBuilder, mockErrorResponse)
                 .andExpect(AysMockResultMatchersBuilders.status()
-                        .isBadRequest())
+                        .isForbidden())
                 .andExpect(AysMockResultMatchersBuilders.subErrors()
                         .doesNotHaveJsonPath());