diff --git a/components/usermgmt/gen/openapi/proto/rpc/v3/idp.swagger.json b/components/usermgmt/gen/openapi/proto/rpc/v3/idp.swagger.json
index 4013dd8..f8fe641 100644
--- a/components/usermgmt/gen/openapi/proto/rpc/v3/idp.swagger.json
+++ b/components/usermgmt/gen/openapi/proto/rpc/v3/idp.swagger.json
@@ -154,13 +154,6 @@
             "type": "string",
             "default": "Idp"
           },
-          {
-            "name": "metadata.name",
-            "description": "Name. name of the resource",
-            "in": "query",
-            "required": false,
-            "type": "string"
-          },
           {
             "name": "metadata.displayName",
             "description": "Display Name. display name of the resource",
@@ -383,13 +376,6 @@
             "type": "string",
             "default": "Idp"
           },
-          {
-            "name": "metadata.name",
-            "description": "Name. name of the resource",
-            "in": "query",
-            "required": false,
-            "type": "string"
-          },
           {
             "name": "metadata.displayName",
             "description": "Display Name. display name of the resource",
diff --git a/components/usermgmt/gen/openapi/proto/rpc/v3/oidc_provider.swagger.json b/components/usermgmt/gen/openapi/proto/rpc/v3/oidc_provider.swagger.json
index ce52320..25798eb 100644
--- a/components/usermgmt/gen/openapi/proto/rpc/v3/oidc_provider.swagger.json
+++ b/components/usermgmt/gen/openapi/proto/rpc/v3/oidc_provider.swagger.json
@@ -154,13 +154,6 @@
             "type": "string",
             "default": "OIDCProvider"
           },
-          {
-            "name": "metadata.name",
-            "description": "Name. name of the resource",
-            "in": "query",
-            "required": false,
-            "type": "string"
-          },
           {
             "name": "metadata.displayName",
             "description": "Display Name. display name of the resource",
@@ -375,13 +368,6 @@
             "type": "string",
             "default": "OIDCProvider"
           },
-          {
-            "name": "metadata.name",
-            "description": "Name. name of the resource",
-            "in": "query",
-            "required": false,
-            "type": "string"
-          },
           {
             "name": "metadata.displayName",
             "description": "Display Name. display name of the resource",
diff --git a/components/usermgmt/main.go b/components/usermgmt/main.go
index 7bc92f0..5484323 100644
--- a/components/usermgmt/main.go
+++ b/components/usermgmt/main.go
@@ -28,7 +28,6 @@ import (
 	"github.com/RafaySystems/rcloud-base/components/usermgmt/pkg/providers"
 	"github.com/RafaySystems/rcloud-base/components/usermgmt/pkg/server"
 	"github.com/RafaySystems/rcloud-base/components/usermgmt/pkg/service"
-	pbrpcv3 "github.com/RafaySystems/rcloud-base/components/usermgmt/proto/rpc/v3"
 	rpcv3 "github.com/RafaySystems/rcloud-base/components/usermgmt/proto/rpc/v3"
 	_grpc "google.golang.org/grpc"
 )
@@ -182,12 +181,12 @@ func runAPI(wg *sync.WaitGroup, ctx context.Context) {
 		ctx,
 		fmt.Sprintf(":%d", rpcPort),
 		make([]runtime.ServeMuxOption, 0),
-		pbrpcv3.RegisterUserHandlerFromEndpoint,
-		pbrpcv3.RegisterGroupHandlerFromEndpoint,
-		pbrpcv3.RegisterRoleHandlerFromEndpoint,
-		pbrpcv3.RegisterRolepermissionHandlerFromEndpoint,
-		pbrpcv3.RegisterIdpHandlerFromEndpoint,
-		pbrpcv3.RegisterOIDCProviderHandlerFromEndpoint,
+		rpcv3.RegisterUserHandlerFromEndpoint,
+		rpcv3.RegisterGroupHandlerFromEndpoint,
+		rpcv3.RegisterRoleHandlerFromEndpoint,
+		rpcv3.RegisterRolepermissionHandlerFromEndpoint,
+		rpcv3.RegisterIdpHandlerFromEndpoint,
+		rpcv3.RegisterOIDCProviderHandlerFromEndpoint,
 	)
 	if err != nil {
 		_log.Fatalw("unable to create gateway", "error", err)
diff --git a/components/usermgmt/pkg/service/group.go b/components/usermgmt/pkg/service/group.go
index 70184ce..e7d9541 100644
--- a/components/usermgmt/pkg/service/group.go
+++ b/components/usermgmt/pkg/service/group.go
@@ -212,7 +212,7 @@ func (s *groupService) deleteGroupAccountRelations(ctx context.Context, groupId
 		return &userv3.Group{}, fmt.Errorf("unable to delete user; %v", err)
 	}
 
-	_, err = s.azc.DeleteUserGroups(ctx, &authzv1.UserGroup{Grp: group.GetMetadata().GetName()})
+	_, err = s.azc.DeleteUserGroups(ctx, &authzv1.UserGroup{Grp: "g:"+group.GetMetadata().GetName()})
 	if err != nil {
 		return &userv3.Group{}, fmt.Errorf("unable to delete gorup-user relations from authz; %v", err)
 	}
diff --git a/components/usermgmt/pkg/service/group_test.go b/components/usermgmt/pkg/service/group_test.go
index 942c887..ad38f10 100644
--- a/components/usermgmt/pkg/service/group_test.go
+++ b/components/usermgmt/pkg/service/group_test.go
@@ -80,6 +80,17 @@ func performGroupBasicAuthzChecks(t *testing.T, mazc mockAuthzClient, guuid stri
 			}
 		}
 	}
+
+	if len(mazc.dug) > 0 {
+		if mazc.dug[len(mazc.dug)-1].Grp != "g:group-"+guuid {
+			t.Errorf("invalid group sent to authz; expected 'g:group-%v', got '%v'", guuid, mazc.dug[len(mazc.dug)-1].Grp)
+		}
+	}
+	if len(mazc.dp) > 0 {
+		if mazc.dp[len(mazc.dp)-1].Sub != "g:group-"+guuid {
+			t.Errorf("invalid sub in policy sent to authz; expected '%v', got '%v'", "g:group-"+guuid, mazc.dp[len(mazc.dp)-1].Sub)
+		}
+	}
 }
 
 func TestCreateGroupNoUsersNoRoles(t *testing.T) {
diff --git a/components/usermgmt/pkg/service/role.go b/components/usermgmt/pkg/service/role.go
index 8dc61c8..4f5996f 100644
--- a/components/usermgmt/pkg/service/role.go
+++ b/components/usermgmt/pkg/service/role.go
@@ -209,7 +209,7 @@ func (s *roleService) GetByName(ctx context.Context, role *userv3.Role) (*userv3
 			return &userv3.Role{}, err
 		}
 	} else {
-
+		return nil, fmt.Errorf("unable to find role")
 	}
 	return role, nil