diff --git a/api/types/user.go b/api/types/user.go index a771cf0650d59..e439f37f30e84 100644 --- a/api/types/user.go +++ b/api/types/user.go @@ -252,6 +252,7 @@ func (u *UserV2) SetStaticLabels(sl map[string]string) { // match against the list of search values. func (u *UserV2) MatchSearch(values []string) bool { fieldVals := append(utils.MapToStrings(u.Metadata.Labels), u.GetName()) + fieldVals = append(fieldVals, u.GetRoles()...) return MatchSearch(fieldVals, values, nil) } diff --git a/lib/auth/users/usersv1/service_test.go b/lib/auth/users/usersv1/service_test.go index c93a8e6b73174..39833f99b5d57 100644 --- a/lib/auth/users/usersv1/service_test.go +++ b/lib/auth/users/usersv1/service_test.go @@ -464,9 +464,19 @@ func TestListUsers(t *testing.T) { ctx := context.Background() + // Create a role to assign to users for search testing. + accessSvc := env.backend.(interface { + UpsertRole(context.Context, types.Role) (types.Role, error) + }) + role, err := types.NewRole("test-role", types.RoleSpecV6{}) + require.NoError(t, err, "creating role") + _, err = accessSvc.UpsertRole(ctx, role) + require.NoError(t, err, "upserting role") + llama, err := types.NewUser("llama") require.NoError(t, err, "creating new user llama") require.NoError(t, generateUserSecrets(llama), "generating user secrets") + llama.SetRoles([]string{"test-role"}) // Validate that the user does not exist. resp, err := env.ListUsers(ctx, &userspb.ListUsersRequest{PageSize: 10}) 
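Review bot: The doc comment on `MatchSearch` is not updated to say that role names are now searched; it starts above this hunk, so only its last line is visible here. I would add a line such as `// Role names returned by GetRoles are included in the searched fields.` Because the name, the label strings and the role names are merged into one `fieldVals` slice, a hit cannot be attributed to a particular field. A keyword that equals a role name may therefore also match a user name or a label, so callers doing access review should not treat this search as an authoritative role-membership query; that caveat is worth stating in the comment too.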
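Review bot: The single-value type assertion on `env.backend` in the added setup panics if the backend does not provide `UpsertRole`, instead of failing this test with a readable message. Prefer the two-value form, `accessSvc, ok := env.backend.(interface{ UpsertRole(context.Context, types.Role) (types.Role, error) })`, followed by `require.True(t, ok, "backend does not implement UpsertRole")`. TestListUsers begins and continues outside this hunk, so whether `env` already exposes a typed accessor for roles is not visible here; if it does, use that instead of the anonymous interface.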
@@ -494,6 +504,15 @@ func TestListUsers(t *testing.T) { assert.Empty(t, cmp.Diff(created.User, resp.Users[0], cmpopts.IgnoreFields(types.Metadata{}, "Revision"))) assert.Empty(t, cmp.Diff(llama.GetLocalAuth(), resp.Users[0].GetLocalAuth()), "user secrets do not match") + // Validate that searching by role returns matching users. + resp, err = env.ListUsers(ctx, &userspb.ListUsersRequest{ + PageSize: 10, + Filter: &types.UserFilter{SearchKeywords: []string{"test-role"}}, + }) + require.NoError(t, err, "listing users with role filter") + require.Len(t, resp.Users, 1, "expected one user with test-role") + assert.Equal(t, "llama", resp.Users[0].GetName(), "expected llama to match role search") + // Create addition users to test pagination createdUsers := []*types.UserV2{llama.(*types.UserV2)} for i := 0; i < 22; i++ {
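Review bot: The role search is asserted only for a keyword that matches, and at this point in the test llama appears to be the only user created, so `require.Len(t, resp.Users, 1, ...)` does not show that users without the role are excluded. Add a negative case: a second `ListUsers` call with `SearchKeywords: []string{"no-such-role"}` followed by `require.Empty(t, resp.Users)`. Alternatively, repeat the role search after the pagination users are created, so that non-matching users are present in the backend. TestListUsers starts and continues outside this hunk.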