diff --git a/client/components/admin/admin-groups-edit.vue b/client/components/admin/admin-groups-edit.vue
index de092eb0..4f50c8f6 100644
--- a/client/components/admin/admin-groups-edit.vue
+++ b/client/components/admin/admin-groups-edit.vue
@@ -61,7 +61,7 @@
                     style='max-width: 600px;'
                     :disabled='group.id <= 2'
                   )
-                template(v-if='group.id > 2')
+                template(v-if='group.id !== 2')
                   v-divider
                   v-card-text
                     v-text-field(
diff --git a/client/components/login.vue b/client/components/login.vue
index 668d1d5b..b5eeb183 100644
--- a/client/components/login.vue
+++ b/client/components/login.vue
@@ -350,6 +350,7 @@ export default {
                     mustChangePwd
                     mustProvideTFA
                     continuationToken
+                    redirect
                   }
                 }
               }
@@ -386,6 +387,8 @@ export default {
                   if (loginRedirect) {
                     Cookies.remove('loginRedirect')
                     window.location.replace(loginRedirect)
+                  } else if (respObj.redirect) {
+                    window.location.replace(respObj.redirect)
                   } else {
                     window.location.replace('/')
                   }
diff --git a/server/graph/schemas/authentication.graphql b/server/graph/schemas/authentication.graphql
index 57653f02..97e95f6e 100644
--- a/server/graph/schemas/authentication.graphql
+++ b/server/graph/schemas/authentication.graphql
@@ -109,6 +109,7 @@ type AuthenticationLoginResponse {
   mustChangePwd: Boolean
   mustProvideTFA: Boolean
   continuationToken: String
+  redirect: String
 }
 
 type AuthenticationRegisterResponse {
diff --git a/server/models/users.js b/server/models/users.js
index 470148c5..5eed0a38 100644
--- a/server/models/users.js
+++ b/server/models/users.js
@@ -281,6 +281,13 @@ module.exports = class User extends Model {
           if (err) { return reject(err) }
           if (!user) { return reject(new WIKI.Error.AuthLoginFailed()) }
 
+          // Get redirect target
+          user.groups = await user.$relatedQuery('groups').select('groups.id', 'permissions', 'redirectOnLogin')
+          let redirect = '/'
+          if (user.groups && user.groups.length > 0) {
+            redirect = user.groups[0].redirectOnLogin
+          }
+
           // Must Change Password?
           if (user.mustChangePwd) {
             try {
@@ -291,7 +298,8 @@ module.exports = class User extends Model {
 
               return resolve({
                 mustChangePwd: true,
-                continuationToken: pwdChangeToken
+                continuationToken: pwdChangeToken,
+                redirect
               })
             } catch (errc) {
               WIKI.logger.warn(errc)
@@ -308,7 +316,8 @@ module.exports = class User extends Model {
               })
               return resolve({
                 tfaRequired: true,
-                continuationToken: tfaToken
+                continuationToken: tfaToken,
+                redirect
               })
             } catch (errc) {
               WIKI.logger.warn(errc)
@@ -319,7 +328,7 @@ module.exports = class User extends Model {
           context.req.logIn(user, { session: !strInfo.useForm }, async errc => {
             if (errc) { return reject(errc) }
             const jwtToken = await WIKI.models.users.refreshToken(user)
-            resolve({ jwt: jwtToken.token })
+            resolve({ jwt: jwtToken.token, redirect })
           })
         })(context.req, context.res, () => {})
       })