diff --git a/src/main/java/net/hostsharing/hsadminng/hs/hscustomer/CustomerController.java b/src/main/java/net/hostsharing/hsadminng/hs/hscustomer/CustomerController.java
index e257639a..693a4939 100644
--- a/src/main/java/net/hostsharing/hsadminng/hs/hscustomer/CustomerController.java
+++ b/src/main/java/net/hostsharing/hsadminng/hs/hscustomer/CustomerController.java
@@ -6,6 +6,7 @@ import net.hostsharing.hsadminng.generated.api.v1.model.CustomerResource;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder;
 
 import javax.transaction.Transactional;
 import java.util.List;
@@ -47,6 +48,7 @@ public class CustomerController implements CustomersApi {
         final String currentUser,
         final String assumedRoles,
         final CustomerResource customer) {
+
         context.setCurrentUser(currentUser);
         if (assumedRoles != null && !assumedRoles.isBlank()) {
             context.assumeRoles(assumedRoles);
@@ -54,10 +56,15 @@ public class CustomerController implements CustomersApi {
         if (customer.getUuid() == null) {
             customer.setUuid(UUID.randomUUID());
         }
-        return ResponseEntity.ok(
-            map(
-                customerRepository.save(map(customer, CustomerEntity.class)),
-                CustomerResource.class));
+
+        final var saved = customerRepository.save(map(customer, CustomerEntity.class));
+
+        final var uri =
+            MvcUriComponentsBuilder.fromController(getClass())
+                .path("/api/rbac-users/{id}")
+                .buildAndExpand(customer.getUuid())
+                .toUri();
+        return ResponseEntity.created(uri).body(map(saved, CustomerResource.class));
     }
 
 }
diff --git a/src/main/resources/api-definition.yaml b/src/main/resources/api-definition.yaml
index 00477766..47a3c915 100644
--- a/src/main/resources/api-definition.yaml
+++ b/src/main/resources/api-definition.yaml
@@ -19,6 +19,9 @@ paths:
     /api/rbac-roles:
         $ref: "./api-definition/rbac-roles.yaml"
 
+    /api/rbac-grants:
+        $ref: "./api-definition/rbac-grants.yaml"
+
     # HS
 
     /api/customers:
diff --git a/src/main/resources/api-definition/hs-customers.yaml b/src/main/resources/api-definition/hs-customers.yaml
index 8092b04c..5895e41a 100644
--- a/src/main/resources/api-definition/hs-customers.yaml
+++ b/src/main/resources/api-definition/hs-customers.yaml
@@ -42,8 +42,8 @@ post:
                     $ref: './api-definition/api-definition/hs-customer-schemas.yaml#/components/schemas/Customer'
         required: true
     responses:
-        "200":
-            description: OK
+        "201":
+            description: Created
             content:
                 'application/json':
                     schema:
@@ -52,3 +52,5 @@ post:
             $ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized'
         "403":
             $ref: './api-definition/error-responses.yaml#/components/responses/Forbidden'
+        "409":
+            $ref: './api-definition/error-responses.yaml#/components/responses/Conflict'