diff --git a/src/routes/api/auth/register.ts b/src/routes/api/auth/register.ts
index 22b6307..9c681b9 100644
--- a/src/routes/api/auth/register.ts
+++ b/src/routes/api/auth/register.ts
@@ -92,7 +92,10 @@ async function handler(
 }
 roles.push("user");
- if (firstUser) roles.push("admin");
+ if (firstUser) {
+ roles.push("admin");
+ roles.push("superadmin");
+ }
 const [result] = await reservation`
 SELECT
diff --git a/src/routes/api/files/delete[query].ts b/src/routes/api/files/delete[query].ts
index 6469bc6..a4dece0 100644
--- a/src/routes/api/files/delete[query].ts
+++ b/src/routes/api/files/delete[query].ts
@@ -124,7 +124,7 @@ async function handler(
 );
 }
- const isAdmin: boolean = request.session.roles.includes("admin");
+ const isAdmin: boolean = request.session.roles.includes("admin") || request.session.roles.includes("superadmin");
 const { query: file } = request.params as { query: string };
 let { files } = requestBody as { files: string[] | string };
 // const { password } = request.query as { password: string };
diff --git a/src/routes/api/invite/create.ts b/src/routes/api/invite/create.ts
index ee2dfd1..a281958 100644
--- a/src/routes/api/invite/create.ts
+++ b/src/routes/api/invite/create.ts
@@ -37,7 +37,7 @@ async function handler(
 );
 }
- const isAdmin: boolean = request.session.roles.includes("admin");
+ const isAdmin: boolean = request.session.roles.includes("admin") || request.session.roles.includes("superadmin");
 if (!isAdmin && !getSetting("allow_user_invites")) {
 return Response.json(
diff --git a/src/routes/api/invite/delete[invite].ts b/src/routes/api/invite/delete[invite].ts
index fbbd38e..f9889bd 100644
--- a/src/routes/api/invite/delete[invite].ts
+++ b/src/routes/api/invite/delete[invite].ts
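Review bot: In src/routes/api/auth/register.ts the `if (firstUser)` branch now hands the instance's highest role to whoever registers first, so the way `firstUser` is decided becomes security-critical, and that decision is made outside this hunk. If it comes from a user count read before the INSERT rather than inside the same transaction or lock, two concurrent registrations against an empty database could both receive `superadmin`; `reservation` looks like a reserved connection, but the atomicity of the check and the insert should be confirmed. I would document the requirement above the branch, e.g. `// Bootstrap: only the very first account gets admin + superadmin; firstUser must be evaluated atomically with the INSERT below`. Installations that already have users gain no superadmin from this change, so they presumably need a migration or a manual grant path that is not visible here.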
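Review bot: The two-role test on the `isAdmin` line of src/routes/api/files/delete[query].ts is copied verbatim into invite/create.ts, invite/delete[invite].ts and user/avatar/delete.ts, so the authorization rule now lives in four places that must be edited by hand whenever it changes. A handler missed by this sweep would keep checking only `"admin"` and would treat an account that holds only `superadmin` as unprivileged, and the next role change repeats the same risk. Put the rule in one place, for example `const ADMIN_ROLES = ["admin", "superadmin"];` with `const isAdmin = request.session.roles.some((role) => ADMIN_ROLES.includes(role));`, or a shared `isAdmin(session)` helper that each handler imports. The handler body continues outside the hunk.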
@@ -21,7 +21,7 @@ async function handler(request: ExtendedRequest): Promise {
 );
 }
- const isAdmin: boolean = request.session.roles.includes("admin");
+ const isAdmin: boolean = request.session.roles.includes("admin") || request.session.roles.includes("superadmin");
 const { invite } = request.params as { invite: string };
 if (!invite) {
diff --git a/src/routes/api/user/avatar/delete.ts b/src/routes/api/user/avatar/delete.ts
index 9ea6295..a759cd2 100644
--- a/src/routes/api/user/avatar/delete.ts
+++ b/src/routes/api/user/avatar/delete.ts
@@ -59,7 +59,7 @@ async function handler(request: ExtendedRequest): Promise {
 }
 const userID: UUID = (request.query.user as UUID) || request.session.id;
- const isAdmin: boolean = request.session.roles.includes("admin");
+ const isAdmin: boolean = request.session.roles.includes("admin") || request.session.roles.includes("superadmin");
 if (request.session.id !== userID && !isAdmin) {
 return Response.json(
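Review bot: In src/routes/api/user/avatar/delete.ts the guard `request.session.id !== userID && !isAdmin` looks only at the caller's roles, so with two tiers a plain `admin` can still name the superadmin's id in the `user` query parameter and act on that account. If `superadmin` is meant to outrank `admin`, the handler needs to load the target account's roles and refuse when the target holds `superadmin` and the caller does not; the same question applies to the other handlers in this commit that act on another user's data. `userID` also comes from `request.query.user` through an `as UUID` cast, which is a compile-time assertion only, so the value should be format-checked before it is used in a lookup. The handler continues outside the hunk.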