diff --git a/.env.sample b/.env.sample
index bf175c1..78293d9 100644
--- a/.env.sample
+++ b/.env.sample
@@ -50,6 +50,7 @@ COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.wordpress.yml"
 # WORDPRESS_DOMAIN=wordpress.example.com
+# WORDPRESS_GROUP='wordpress Admins'
 # SECRET_WORDPRESS_ID_VERSION=v1
 # SECRET_WORDPRESS_SECRET_VERSION=v1
 # APP_ICONS="$APP_ICONS wordpress:~/.abra/recipes/authentik/icons/wordpress.png"
diff --git a/abra.sh b/abra.sh
index c9140e7..642a4a2 100644
--- a/abra.sh
+++ b/abra.sh
@@ -6,7 +6,7 @@ export FLOW_RECOVERY_VERSION=v1
 export FLOW_TRANSLATION_VERSION=v1
 export SYSTEM_TENANT_VERSION=v1
 export NEXTCLOUD_CONFIG_VERSION=v1
-export WORDPRESS_CONFIG_VERSION=v1
+export WORDPRESS_CONFIG_VERSION=v2
 export MATRIX_CONFIG_VERSION=v1
 export WEKAN_CONFIG_VERSION=v3
 export VIKUNJA_CONFIG_VERSION=v1
diff --git a/compose.wordpress.yml b/compose.wordpress.yml
index 6ccf043..564e86d 100644
--- a/compose.wordpress.yml
+++ b/compose.wordpress.yml
@@ -6,6 +6,7 @@ services:
       - wordpress_secret
     environment:
       - WORDPRESS_DOMAIN
+      - WORDPRESS_GROUP
     configs:
       - source: wordpress
         target: /blueprints/wordpress.yaml
diff --git a/wordpress.yaml.tmpl b/wordpress.yaml.tmpl
index f871478..28644aa 100644
--- a/wordpress.yaml.tmpl
+++ b/wordpress.yaml.tmpl
@@ -41,3 +41,19 @@ entries:
     name: Wordpress
   model: authentik_core.application
   state: present
+
+{{ if ne (env "WORDPRESS_GROUP") "" }} 
+- identifiers:
+    name: {{ env "WORDPRESS_GROUP" }}
+  attrs:
+    users:
+    - 1
+  id: wordpress_group
+  model: authentik_core.group
+
+- identifiers:
+    group: !KeyOf wordpress_group
+    target: !KeyOf wordpress_application
+    order: 0
+  model: authentik_policies.policybinding
+{{ end }}