diff --git a/server/controllers/UserController.js b/server/controllers/UserController.js
index d1b93695..46ba943e 100644
--- a/server/controllers/UserController.js
+++ b/server/controllers/UserController.js
@@ -270,8 +270,10 @@ class UserController {
       const permissions = {
         ...user.permissions
       }
+      const defaultPermissions = Database.userModel.getDefaultPermissionsForUserType(updatePayload.type || user.type || 'user')
       for (const key in updatePayload.permissions) {
-        if (permissions[key] !== undefined) {
+        // Check that the key is a valid permission key or is included in the default permissions
+        if (permissions[key] !== undefined || defaultPermissions[key] !== undefined) {
           if (typeof updatePayload.permissions[key] !== 'boolean') {
             Logger.warn(`[UserController] update: Invalid permission value for key ${key}. Should be boolean`)
           } else if (permissions[key] !== updatePayload.permissions[key]) {
diff --git a/server/models/User.js b/server/models/User.js
index 123d8fdf..2dd02b68 100644
--- a/server/models/User.js
+++ b/server/models/User.js
@@ -108,6 +108,7 @@ class User extends Model {
       accessAllLibraries: true,
       accessAllTags: true,
       accessExplicitContent: true,
+      selectedTagsNotAccessible: false,
       librariesAccessible: [],
       itemTagsSelected: []
     }