diff --git a/dojo/api_v2/serializers.py b/dojo/api_v2/serializers.py
index e0aa2ce8dc4..5de0698edee 100644
--- a/dojo/api_v2/serializers.py
+++ b/dojo/api_v2/serializers.py
@@ -536,13 +536,13 @@ def to_representation(self, instance):
         return ret
 
     def update(self, instance, validated_data):
+        permissions_in_payload = None
         new_configuration_permissions = None
         if (
             "user_permissions" in validated_data
         ):  # This field was renamed from "configuration_permissions" in the meantime
-            new_configuration_permissions = set(
-                validated_data.pop("user_permissions"),
-            )
+            permissions_in_payload = validated_data.pop("user_permissions")
+            new_configuration_permissions = set(permissions_in_payload)
 
         instance = super().update(instance, validated_data)
 
@@ -563,6 +563,10 @@ def update(self, instance, validated_data):
             )
             instance.user_permissions.set(new_permissions)
 
+        # Clear all configuration permissions if an empty list is provided
+        if isinstance(permissions_in_payload, list) and len(permissions_in_payload) == 0:
+            instance.user_permissions.clear()
+
         return instance
 
     def create(self, validated_data):
@@ -695,14 +699,14 @@ def create(self, validated_data):
         return instance
 
     def update(self, instance, validated_data):
+        permissions_in_payload = None
         new_configuration_permissions = None
         if (
             "auth_group" in validated_data
             and "permissions" in validated_data["auth_group"]
         ):  # This field was renamed from "configuration_permissions" in the meantime
-            new_configuration_permissions = set(
-                validated_data.pop("auth_group")["permissions"],
-            )
+            permissions_in_payload = validated_data.pop("auth_group")["permissions"]
+            new_configuration_permissions = set(permissions_in_payload)
 
         instance = super().update(instance, validated_data)
 
@@ -723,6 +727,10 @@ def update(self, instance, validated_data):
             )
             instance.auth_group.permissions.set(new_permissions)
 
+        # Clear all configuration permissions if an empty list is provided
+        if isinstance(permissions_in_payload, list) and len(permissions_in_payload) == 0:
+            instance.auth_group.permissions.clear()
+
         return instance