diff --git a/litellm/proxy/_types.py b/litellm/proxy/_types.py
index e4195c196c..1806fabc77 100644
--- a/litellm/proxy/_types.py
+++ b/litellm/proxy/_types.py
@@ -1086,7 +1086,16 @@ class UserAPIKeyAuth(
     """
 
     api_key: Optional[str] = None
-    user_role: Optional[Literal["proxy_admin", "app_owner", "app_user"]] = None
+    user_role: Optional[
+        Literal[
+            "proxy_admin",
+            "proxy_admin_view_only",
+            "internal_user",
+            "internal_user_view_only",
+            "team",
+            "customer",
+        ]
+    ] = None
     allowed_model_region: Optional[Literal["eu"]] = None
 
     @root_validator(pre=True)
diff --git a/litellm/proxy/proxy_server.py b/litellm/proxy/proxy_server.py
index 726a6c51e2..629ab3dd3b 100644
--- a/litellm/proxy/proxy_server.py
+++ b/litellm/proxy/proxy_server.py
@@ -507,7 +507,9 @@ async def user_api_key_auth(
 
         if route in LiteLLMRoutes.public_routes.value:
             # check if public endpoint
-            return UserAPIKeyAuth(user_role="app_owner")
+            return UserAPIKeyAuth(
+                user_role=LitellmUserRoles.INTERNAL_USER_VIEW_ONLY.value
+            )
 
         if general_settings.get("enable_jwt_auth", False) == True:
             is_jwt = jwt_handler.is_jwt(token=api_key)
@@ -666,7 +668,7 @@ async def user_api_key_auth(
                         team_object.rpm_limit if team_object is not None else None
                     ),
                     team_models=team_object.models if team_object is not None else [],
-                    user_role="app_owner",
+                    user_role=LitellmUserRoles.INTERNAL_USER.value,
                     user_id=user_id,
                     org_id=org_id,
                 )