diff --git a/README.md b/README.md
index d84f076..f49068d 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ Set postgres password by export POSTGRES_PASSWORD= ``` -If config ```acdc.auth.enabled = true``` is enabled, authorization api-keys are SHA-256 hashed. The REST enb-points should include a http header key ```x-api-key``` with appropriate value. +If config ```acdc.auth.enabled = true``` is enabled, authorization api-keys are SHA-256 hashed. The REST endpoints should include a http header key ```x-api-key``` with appropriate value. Set an environment variable for the authorized x-api-key hashed string. Example:
diff --git a/acdc-ws/app/utils/Authorization.scala b/acdc-ws/app/utils/Authorization.scala
index 83d87e2..ac91818 100644
--- a/acdc-ws/app/utils/Authorization.scala
+++ b/acdc-ws/app/utils/Authorization.scala
@@ -23,9 +23,12 @@ class Authorization(private var authorizationSettings: AuthorizationSettings) {
 def getRoles(request: Request[_]): List[String] = {
 (authorizationSettings.apiKeyAuthEnabled, authorizationSettings.xfccKeyAuthEnabled) match {
 case (true, true) =>
- if (getKeyRoles(request.headers.get(authorizationSettings.apiKeyAuthHeader)) ==
- getXfccRoles(request.headers.get(authorizationSettings.xfccAuthHeader))) {
- List(Admin)
+ if (!getKeyRoles(request.headers.get(authorizationSettings.apiKeyAuthHeader)).isEmpty) {
+ if (!getXfccRoles(request.headers.get(authorizationSettings.xfccAuthHeader)).isEmpty) {
+ List(Admin)
+ } else {
+ List.empty
+ }
 } else {
 List.empty
 }
diff --git a/version.sbt b/version.sbt
index 2b78aa7..af29949 100644
--- a/version.sbt
+++ b/version.sbt
@@ -1 +1 @@
- ThisBuild / version := "0.11.0"
+ ThisBuild / version := "0.11.1"
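Review bot: In acdc-ws/app/utils/Authorization.scala, the `case (true, true)` branch of `getRoles` returns a hard-coded `List(Admin)` whenever both lookups are non-empty, so the roles that `getKeyRoles` and `getXfccRoles` actually returned are discarded. If either helper can return a role other than Admin (their bodies are outside the hunk, so this needs confirming), any recognised API key paired with any recognised XFCC identity is granted Admin. Returning only the roles both credentials agree on still yields no roles when either lookup is empty, and it avoids widening privileges: `getKeyRoles(request.headers.get(authorizationSettings.apiKeyAuthHeader)).intersect(getXfccRoles(request.headers.get(authorizationSettings.xfccAuthHeader)))`. A regression test for a request carrying neither header would pin the behaviour this commit corrects, since the removed `==` comparison presumably treated two empty role lists as a match. The body of `getRoles` continues past the end of the hunk.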