diff --git a/api/v1/roles.py b/api/v1/roles.py
index 958c1a1..9184fa8 100644
--- a/api/v1/roles.py
+++ b/api/v1/roles.py
@@ -2,12 +2,12 @@ from fastapi import APIRouter, Depends, HTTPException
 from sqlalchemy.ext.asyncio import AsyncSession
 from config.database import get_db
 from services.role_service import RoleService
-from models.schemas import Role, PermissionResponse
+from models.schemas import Permission, Role, PermissionResponse
 from fastapi.security import OAuth2PasswordBearer
 from typing import List
 
 router = APIRouter()
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/token")
 
 
 @router.post("/", status_code=201)
@@ -50,9 +50,9 @@ async def delete_role(role_id: int, db: AsyncSession = Depends(get_db), token: s
     return await RoleService.delete_role(role_id, db, token)
 
 
-@router.get("/permissions", response_model=List[PermissionResponse])
-async def get_all_permissions():
+@router.get("/roles/permissions", response_model=List[Permission])
+async def get_all_permissions(db: AsyncSession = Depends(get_db)):
     """
     Récupérer toutes les permissions disponibles.
     """
-    return RoleService.get_all_permissions()
+    return await RoleService.get_all_permissions(db)
diff --git a/models/schemas.py b/models/schemas.py
index c556263..fc7b5e0 100644
--- a/models/schemas.py
+++ b/models/schemas.py
@@ -48,6 +48,10 @@ class UserResponse(BaseModel):
     class Config:
         from_attributes = True
 
+class Permission(BaseModel):
+    id: int
+    name: str
+
 class Role(BaseModel):
     id: int
     name: str
diff --git a/services/role_service.py b/services/role_service.py
index c23b81f..4c29d56 100644
--- a/services/role_service.py
+++ b/services/role_service.py
@@ -26,7 +26,8 @@ class RoleService:
                 .join(role_permissions_table, permissions_table.c.id == role_permissions_table.c.permission_id)
                 .where(role_permissions_table.c.role_id == role['id'])
             )
-            permissions_result = await db.execute(permissions_query)
+            result = await db.execute(permissions_query)
+            permissions_result = result.mappings().all()
             permissions = [p["name"] for p in permissions_result]
             role_data = dict(role)
             role_data["permissions"] = permissions
@@ -58,7 +59,7 @@ class RoleService:
             for permission in filtered_permissions:
                 permission_query = select(permissions_table).where(permissions_table.c.name == permission)
                 permission_result = await db.execute(permission_query)
-                permission_record = permission_result.fetchone()
+                permission_record = permission_result.mappings().fetchone()
 
                 if permission_record:
                     insert_query = insert(role_permissions_table).values(
@@ -87,7 +88,7 @@ class RoleService:
             for permission in data["permissions"]:
                 permission_query = select(permissions_table).where(permissions_table.c.name == permission)
                 permission_result = await db.execute(permission_query)
-                permission_record = permission_result.fetchone()
+                permission_record = permission_result.mappings().fetchone()
                 if not permission_record:
                     raise HTTPException(status_code=400, detail=f"Permission '{permission}' not found")
 
@@ -167,11 +168,14 @@ class RoleService:
         return user
 
     @staticmethod
-    async def get_all_permissions():
+    async def get_all_permissions(db: AsyncSession):
         """
-        Récupère toutes les permissions définies dans les paramètres (settings).
-        """
-        return settings.available_permissions
+        Récupère toutes les permissions en BDD.
+        """        
+        query = select(permissions_table)
+        result = await db.execute(query) 
+        permissions_result = result.mappings().all()
+        return permissions_result
     
     @staticmethod
     async def get_role(role_id: int, db):
@@ -180,7 +184,7 @@ class RoleService:
         """
         query = select(roles_table).where(roles_table.c.id == role_id)
         result = await db.execute(query)
-        role = result.fetchone()
+        role = result.mappings().fetchone()
 
         if not role:
             raise HTTPException(status_code=404, detail="Role not found")
@@ -191,7 +195,8 @@ class RoleService:
             .join(role_permissions_table, role_permissions_table.c.permission_id == permissions_table.c.id)
             .where(role_permissions_table.c.role_id == role_id)
         )
-        permissions_result = await db.execute(permissions_query)
+        result = await db.execute(permissions_query)
+        permissions_result = result.mappings().all()
         permissions = [row["name"] for row in permissions_result]
 
         return {"id": role["id"], "name": role["name"], "permissions": permissions}