diff --git a/packages/auth/src/security/roles.js b/packages/auth/src/security/roles.js
index e7055c9147..baa8fc40dc 100644
--- a/packages/auth/src/security/roles.js
+++ b/packages/auth/src/security/roles.js
@@ -147,7 +147,7 @@ exports.getRole = async (appId, roleId) => {
  */
 async function getAllUserRoles(appId, userRoleId) {
   if (!userRoleId) {
-    return [BUILTIN_IDS.PUBLIC]
+    return [BUILTIN_IDS.BASIC]
   }
   let currentRole = await exports.getRole(appId, userRoleId)
   let roles = currentRole ? [currentRole] : []
@@ -226,7 +226,7 @@ exports.getAllRoles = async appId => {
       dbRole => exports.getExternalRoleID(dbRole._id) === builtinRoleId
     )[0]
     if (dbBuiltin == null) {
-      roles.push(builtinRole || builtinRoles.PUBLIC)
+      roles.push(builtinRole || builtinRoles.BASIC)
     } else {
       // remove role and all back after combining with the builtin
       roles = roles.filter(role => role._id !== dbBuiltin._id)
diff --git a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
index 8b0591f575..27cf266c5d 100644
--- a/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
+++ b/packages/builder/src/pages/builder/portal/manage/users/[userId].svelte
@@ -33,7 +33,7 @@
     role: {},
   }
 
-  $: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "PUBLIC"
+  $: defaultRoleId = $userFetch?.data?.builder?.global ? "ADMIN" : "BASIC"
   // Merge the Apps list and the roles response to get something that makes sense for the table
   $: appList = Object.keys($apps?.data).map(id => {
     const role = $userFetch?.data?.roles?.[id] || defaultRoleId
diff --git a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
index 08e4a2ec8b..436ba28bba 100644
--- a/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
+++ b/packages/builder/src/pages/builder/portal/manage/users/_components/UpdateRolesModal.svelte
@@ -9,7 +9,7 @@
   const dispatch = createEventDispatcher()
 
   const roles = app.roles
-  let options = roles.map(role => role._id)
+  let options = roles.map(role => role._id).filter(id => id !== "PUBLIC")
   let selectedRole = user?.roles?.[app?._id]
 
   async function updateUserRoles() {
diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js
index 683b7f8ef3..0e9591456c 100644
--- a/packages/server/src/middleware/currentapp.js
+++ b/packages/server/src/middleware/currentapp.js
@@ -45,10 +45,10 @@ module.exports = async (ctx, next) => {
     updateCookie = true
     appId = requestAppId
     // retrieving global user gets the right role
-    roleId = globalUser.roleId || BUILTIN_ROLE_IDS.PUBLIC
+    roleId = globalUser.roleId || BUILTIN_ROLE_IDS.BASIC
   } else if (appCookie != null) {
     appId = appCookie.appId
-    roleId = appCookie.roleId || BUILTIN_ROLE_IDS.PUBLIC
+    roleId = appCookie.roleId || BUILTIN_ROLE_IDS.BASIC
   }
   // nothing more to do
   if (!appId) {
diff --git a/packages/server/src/utilities/global.js b/packages/server/src/utilities/global.js
index 17ce066551..eddbd63cd7 100644
--- a/packages/server/src/utilities/global.js
+++ b/packages/server/src/utilities/global.js
@@ -19,7 +19,7 @@ exports.updateAppRole = (appId, user) => {
   if (!user.roleId && user.builder && user.builder.global) {
     user.roleId = BUILTIN_ROLE_IDS.ADMIN
   } else if (!user.roleId) {
-    user.roleId = BUILTIN_ROLE_IDS.PUBLIC
+    user.roleId = BUILTIN_ROLE_IDS.BASIC
   }
   delete user.roles
   return user