diff --git a/internal/jujuapi/access_control.go b/internal/jujuapi/access_control.go
index d9e689ab5..9ee178dfd 100644
--- a/internal/jujuapi/access_control.go
+++ b/internal/jujuapi/access_control.go
@@ -52,7 +52,7 @@ var (
 	// (1)[group](2)[-](3)[alices-wonderland](10)[#member]
 	// So if a group, user, UUID, controller name comes in, it will always be index 3 for them
 	// and if a relation specifier is present, it will always be index 10
-	jujuURIMatcher = regexp.MustCompile(`([a-zA-Z0-9]*)(\-|\z)([a-zA-Z0-9-@]*)(\:|)([a-zA-Z0-9-@]*)(\/|)([a-zA-Z0-9-]*)(\.|)([a-zA-Z0-9-]*)([a-zA-Z#]*|\z)\z`)
+	jujuURIMatcher = regexp.MustCompile(`([a-zA-Z0-9]*)(\-|\z)([a-zA-Z0-9-@.]*)(\:|)([a-zA-Z0-9-@]*)(\/|)([a-zA-Z0-9-]*)(\.|)([a-zA-Z0-9-]*)([a-zA-Z#]*|\z)\z`)
 )
 
 // AddGroup creates a group within JIMMs DB for reference by OpenFGA.
diff --git a/internal/jujuapi/access_control_test.go b/internal/jujuapi/access_control_test.go
index 6825d3b61..22d6ae293 100644
--- a/internal/jujuapi/access_control_test.go
+++ b/internal/jujuapi/access_control_test.go
@@ -303,6 +303,17 @@ func (s *accessControlSuite) TestAddRelation(c *gc.C) {
 			err:         false,
 			changesType: "group",
 		},
+		//Test username with dots and @ -> group
+		{
+			input: tuple{"user-" + "kelvin.lina.test@external", "member", "group-" + group.Name},
+			want: createTupleKey(
+				"user:"+"kelvin.lina.test@external",
+				"member",
+				"group:"+strconv.FormatUint(uint64(group.ID), 10),
+			),
+			err:         false,
+			changesType: "group",
+		},
 		//Test group -> controller
 		{
 			input: tuple{"group-" + "test-group#member", "administrator", "controller-" + controller.UUID},