diff --git a/web/src/app/modules/admin/admin.module.ts b/web/src/app/modules/admin/admin.module.ts
index 0c70f8f..15f924e 100644
--- a/web/src/app/modules/admin/admin.module.ts
+++ b/web/src/app/modules/admin/admin.module.ts
@@ -1,28 +1,34 @@
-import { NgModule } from "@angular/core";
-import { CommonModule } from "@angular/common";
-import { RouterModule, Routes } from "@angular/router";
-import { SharedModule } from "src/app/modules/shared/shared.module";
+import { NgModule } from '@angular/core';
+import { CommonModule } from '@angular/common';
+import { RouterModule, Routes } from '@angular/router';
+import { SharedModule } from 'src/app/modules/shared/shared.module';
+import { PermissionGuard } from 'src/app/core/guard/permission.guard';
+import { PermissionsEnum } from 'src/app/model/auth/permissionsEnum';
 
 const routes: Routes = [
   {
-    path: "groups",
+    path: 'groups',
     loadChildren: () =>
-      import("src/app/modules/admin/groups/groups.module").then(
-        (m) => m.GroupsModule,
+      import('src/app/modules/admin/groups/groups.module').then(
+        m => m.GroupsModule
       ),
+    canActivate: [PermissionGuard],
+    data: { permissions: [PermissionsEnum.groups] },
   },
   {
-    path: "urls",
+    path: 'urls',
     loadChildren: () =>
-      import("src/app/modules/admin/short-urls/short-urls.module").then(
-        (m) => m.ShortUrlsModule,
+      import('src/app/modules/admin/short-urls/short-urls.module').then(
+        m => m.ShortUrlsModule
       ),
+    canActivate: [PermissionGuard],
+    data: { permissions: [PermissionsEnum.shortUrls] },
   },
   {
-    path: "administration",
+    path: 'administration',
     loadChildren: () =>
-      import("src/app/modules/admin/administration/administration.module").then(
-        (m) => m.AdministrationModule,
+      import('src/app/modules/admin/administration/administration.module').then(
+        m => m.AdministrationModule
       ),
   },
 ];
diff --git a/web/src/app/service/sidebar.service.ts b/web/src/app/service/sidebar.service.ts
index 61ddac4..6c9d162 100644
--- a/web/src/app/service/sidebar.service.ts
+++ b/web/src/app/service/sidebar.service.ts
@@ -1,18 +1,18 @@
-import { Injectable } from "@angular/core";
-import { BehaviorSubject } from "rxjs";
-import { MenuElement } from "src/app/model/view/menu-element";
-import { AuthService } from "src/app/service/auth.service";
-import { PermissionsEnum } from "src/app/model/auth/permissionsEnum";
+import { Injectable } from '@angular/core';
+import { BehaviorSubject } from 'rxjs';
+import { MenuElement } from 'src/app/model/view/menu-element';
+import { AuthService } from 'src/app/service/auth.service';
+import { PermissionsEnum } from 'src/app/model/auth/permissionsEnum';
 
 @Injectable({
-  providedIn: "root",
+  providedIn: 'root',
 })
 export class SidebarService {
   visible$ = new BehaviorSubject<boolean>(true);
   elements$ = new BehaviorSubject<MenuElement[]>([]);
 
   constructor(private auth: AuthService) {
-    this.auth.user$.subscribe((user) => {
+    this.auth.user$.subscribe(user => {
       if (user) {
         this.setElements().then();
       }
@@ -31,14 +31,18 @@ export class SidebarService {
   async setElements() {
     const elements: MenuElement[] = [
       {
-        label: "common.groups",
-        icon: "pi pi-tags",
-        routerLink: ["/admin/groups"],
+        label: 'common.groups',
+        icon: 'pi pi-tags',
+        routerLink: ['/admin/groups'],
+        visible: await this.auth.hasAnyPermissionLazy([PermissionsEnum.groups]),
       },
       {
-        label: "common.urls",
-        icon: "pi pi-tag",
-        routerLink: ["/admin/urls"],
+        label: 'common.urls',
+        icon: 'pi pi-tag',
+        routerLink: ['/admin/urls'],
+        visible: await this.auth.hasAnyPermissionLazy([
+          PermissionsEnum.shortUrls,
+        ]),
       },
       await this.groupAdministration(),
     ];
@@ -47,30 +51,35 @@ export class SidebarService {
 
   async groupAdministration() {
     return {
-      label: "sidebar.administration",
-      icon: "pi pi-wrench",
+      label: 'sidebar.administration',
+      icon: 'pi pi-wrench',
       expanded: true,
+      visible: await this.auth.hasAnyPermissionLazy([
+        PermissionsEnum.users,
+        PermissionsEnum.roles,
+        PermissionsEnum.apiKeys,
+      ]),
       items: [
         {
-          label: "sidebar.users",
-          icon: "pi pi-user",
-          routerLink: ["/admin/administration/users"],
+          label: 'sidebar.users',
+          icon: 'pi pi-user',
+          routerLink: ['/admin/administration/users'],
           visible: await this.auth.hasAnyPermissionLazy([
             PermissionsEnum.users,
           ]),
         },
         {
-          label: "sidebar.roles",
-          icon: "pi pi-user-edit",
-          routerLink: ["/admin/administration/roles"],
+          label: 'sidebar.roles',
+          icon: 'pi pi-user-edit',
+          routerLink: ['/admin/administration/roles'],
           visible: await this.auth.hasAnyPermissionLazy([
             PermissionsEnum.roles,
           ]),
         },
         {
-          label: "sidebar.api_keys",
-          icon: "pi pi-key",
-          routerLink: ["/admin/administration/api-keys"],
+          label: 'sidebar.api_keys',
+          icon: 'pi pi-key',
+          routerLink: ['/admin/administration/api-keys'],
           visible: await this.auth.hasAnyPermissionLazy([
             PermissionsEnum.apiKeys,
           ]),