diff --git a/components/ambient-api-server/Dockerfile b/components/ambient-api-server/Dockerfile
index fb32013ac..9f322501b 100755
--- a/components/ambient-api-server/Dockerfile
+++ b/components/ambient-api-server/Dockerfile
@@ -23,11 +23,16 @@ ARG GIT_COMMIT=unknown
 RUN \
 microdnf install -y \
 util-linux \
+ shadow-utils \
 && \
- microdnf clean all
+ microdnf clean all \
+ && \
+ useradd -u 1000 -M -s /sbin/nologin -r appuser
 COPY --from=builder /workspace/ambient-api-server /usr/local/bin/
+USER 1000
+
 EXPOSE 8000
 ENTRYPOINT ["/usr/local/bin/ambient-api-server", "serve"]
diff --git a/components/ambient-api-server/plugins/roleBindings/migration.go b/components/ambient-api-server/plugins/roleBindings/migration.go
index 677066a77..dffd525f3 100644
--- a/components/ambient-api-server/plugins/roleBindings/migration.go
+++ b/components/ambient-api-server/plugins/roleBindings/migration.go
@@ -32,7 +32,7 @@ func migration() *gormigrate.Migration {
 func typedFKMigration() *gormigrate.Migration {
 return &gormigrate.Migration{
- ID: "202505130001",
+ ID: "202605150001",
 Migrate: func(tx *gorm.DB) error {
 // Drop the old unique index that depends on scope_id before altering columns
 if err := tx.Exec(`DROP INDEX IF EXISTS idx_binding_lookup`).Error; err != nil {
diff --git a/components/backend/handlers/sessions.go b/components/backend/handlers/sessions.go
index a97a03601..1b1f372ae 100755
--- a/components/backend/handlers/sessions.go
+++ b/components/backend/handlers/sessions.go
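Review bot: In components/ambient-api-server/Dockerfile, `shadow-utils` is installed into the runtime stage and left there only so that `useradd` can run once at build time, which keeps account-management tooling in the shipped image. `USER 1000` is numeric and takes effect without a passwd entry, so if the server never looks up its own user name the `useradd` call and the extra package could both be dropped; if an entry is needed, consider removing the package again in the same `RUN` layer. Also, `-r` asks for a system account while `-u 1000` sits in the regular-user range, so one of the two is probably unintended.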
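Review bot: In components/ambient-api-server/plugins/roleBindings/migration.go, changing the ID of `typedFKMigration` from `202505130001` to `202605150001` makes it a new, unapplied migration for any database that already ran it under the old ID, assuming gormigrate's usual ID-based bookkeeping. The visible `DROP INDEX IF EXISTS` is safe to repeat, but the column changes announced by the comment are outside this hunk, so their re-run behaviour cannot be confirmed from here. I would add a comment above the field, e.g. `// ID moved from 202505130001; every statement below must be idempotent because existing databases will run this again`, and check the rest of the function against a database that already has the old ID recorded.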
@@ -639,7 +639,13 @@ func ListSessions(c *gin.Context) {
 list, err := k8sDyn.Resource(gvr).Namespace(project).List(ctx, listOpts)
 if err != nil {
 log.Printf("Failed to list agentic sessions in project %s: %v", project, err)
- c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list agentic sessions"})
+ if errors.IsUnauthorized(err) {
+ c.JSON(http.StatusUnauthorized, gin.H{"error": "Token expired or invalid"})
+ } else if errors.IsForbidden(err) {
+ c.JSON(http.StatusForbidden, gin.H{"error": "Unauthorized to access project"})
+ } else {
+ c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list agentic sessions"})
+ }
 return
 }
@@ -650,7 +656,13 @@ func ListSessions(c *gin.Context) {
 list, err = k8sDyn.Resource(gvr).Namespace(project).List(ctx, listOpts)
 if err != nil {
 log.Printf("Failed to list agentic sessions (continue) in project %s: %v", project, err)
- c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list agentic sessions"})
+ if errors.IsUnauthorized(err) {
+ c.JSON(http.StatusUnauthorized, gin.H{"error": "Token expired or invalid"})
+ } else if errors.IsForbidden(err) {
+ c.JSON(http.StatusForbidden, gin.H{"error": "Unauthorized to access project"})
+ } else {
+ c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list agentic sessions"})
+ }
 return
 }
 allItems = append(allItems, list.Items...)
diff --git a/components/manifests/base/core/ambient-api-server-service.yml b/components/manifests/base/core/ambient-api-server-service.yml
index efce7ca67..d9658dd32 100644
--- a/components/manifests/base/core/ambient-api-server-service.yml
+++ b/components/manifests/base/core/ambient-api-server-service.yml
@@ -34,6 +34,7 @@ spec:
 serviceAccountName: ambient-api-server
 securityContext:
 runAsNonRoot: true
+ runAsUser: 1000
 seccompProfile:
 type: RuntimeDefault
 initContainers:
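Review bot: The same three-way `if`/`else if`/`else` status mapping is added twice to ListSessions in components/backend/handlers/sessions.go, once after the first `List` call (hunk at -639) and once after the continue-page call (hunk at -650), so the two copies can drift apart. A small helper built on a `switch` would keep the mapping in one place and reduce each call site to a single line. This relies on `errors` being the Kubernetes API errors package rather than the standard library one; the import block is not in the hunk. Separately, the 403 body says "Unauthorized to access project", which reads like a 401; wording such as "Access to project denied" would keep the two cases apart for clients. ListSessions starts and ends outside both hunks.

```go
// respondListError maps a Kubernetes API error from List to the HTTP status sent to the client.
func respondListError(c *gin.Context, err error) {
	switch {
	case errors.IsUnauthorized(err):
		c.JSON(http.StatusUnauthorized, gin.H{"error": "Token expired or invalid"})
	case errors.IsForbidden(err):
		c.JSON(http.StatusForbidden, gin.H{"error": "Unauthorized to access project"})
	default:
		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list agentic sessions"})
	}
}

// … unchanged: List call and log.Printf in both error branches …
		respondListError(c, err)
		return
```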
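Review bot: In components/manifests/base/core/ambient-api-server-service.yml, `runAsUser: 1000` is set at pod level, so it also applies to the `initContainers` that begin right after this hunk, not only to the image whose Dockerfile now declares `USER 1000`. Their images are not visible here; confirm each one works as UID 1000, or move the setting into the api-server container's own `securityContext`. If this base is deployed to a cluster that assigns UIDs from a per-namespace range (OpenShift's restricted SCC, for example), a pinned UID outside that range would be rejected at admission, so an overlay may need to drop it. A comment such as `# must match USER in components/ambient-api-server/Dockerfile` would keep the two values tied together.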