diff --git a/lemur/authorities/service.py b/lemur/authorities/service.py
index d9db015a..453677ec 100644
--- a/lemur/authorities/service.py
+++ b/lemur/authorities/service.py
@@ -16,7 +16,7 @@ from lemur.roles import service as role_service
 from lemur.certificates.service import upload
 
 
-def update(authority_id, description=None, owner=None, active=None, roles=None):
+def update(authority_id, description, owner, active, roles):
     """
     Update an authority with new values.
 
@@ -26,12 +26,11 @@ def update(authority_id, description=None, owner=None, active=None, roles=None):
     """
     authority = get(authority_id)
 
-    if roles:
-        authority.roles = roles
-
+    authority.roles = roles
     authority.active = active
     authority.description = description
     authority.owner = owner
+
     return database.update(authority)
 
 
diff --git a/lemur/tests/factories.py b/lemur/tests/factories.py
index 5a47982d..f0c1754d 100644
--- a/lemur/tests/factories.py
+++ b/lemur/tests/factories.py
@@ -122,6 +122,7 @@ class AuthorityFactory(BaseFactory):
     name = Sequence(lambda n: 'authority{0}'.format(n))
     owner = 'joe@example.com'
     plugin = {'slug': 'test-issuer'}
+    description = FuzzyText(length=128)
     authority_certificate = SubFactory(CertificateFactory)
 
     class Meta:
diff --git a/lemur/tests/test_authorities.py b/lemur/tests/test_authorities.py
index f7f1c02c..ab4e341f 100644
--- a/lemur/tests/test_authorities.py
+++ b/lemur/tests/test_authorities.py
@@ -1,7 +1,9 @@
+import json
 
 import pytest
 
 from lemur.authorities.views import *  # noqa
+from lemur.tests.factories import AuthorityFactory, RoleFactory
 from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
 
 
@@ -184,3 +186,31 @@ def test_certificate_authorities_delete(client, token, status):
 ])
 def test_certificate_authorities_patch(client, token, status):
     assert client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+
+
+def test_authority_roles(client, session, issuer_plugin):
+    auth = AuthorityFactory()
+    role = RoleFactory()
+    session.flush()
+
+    data = {
+        'owner': auth.owner,
+        'name': auth.name,
+        'description': auth.description,
+        'active': True,
+        'roles': [
+            {'id': role.id},
+        ],
+    }
+
+    # Add role
+    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert len(resp.json['roles']) == 1
+    assert set(auth.roles) == {role}
+
+    # Remove role
+    del data['roles'][0]
+    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+    assert len(resp.json['roles']) == 0