diff --git a/ccm-core-apiclient/src/main/typescript/entities/security.ts b/ccm-core-apiclient/src/main/typescript/entities/security.ts
index c3a087cf1..e304d718e 100644
--- a/ccm-core-apiclient/src/main/typescript/entities/security.ts
+++ b/ccm-core-apiclient/src/main/typescript/entities/security.ts
@@ -57,7 +57,7 @@ export interface RoleId {
     name: string;
 }
 
-export interface RolePartyMember {
+export interface RolePartyMembership {
     membershipId: number;
     uuid: string;
     party: PartyId;
@@ -67,6 +67,7 @@ export interface RolePermission {
     permissionId: number;
     uuid: string;
     grantedPrivilege: string;
+    inherited: boolean;
     object: CcmObjectId;
     creationUser: PartyId;
     creationDate: Date;
@@ -93,3 +94,197 @@ export interface UserGroupMembership {
     uuid: string;
     group: PartyId;
 }
+
+export function buildGroupDataFromRecord(
+    record: Record<string, unknown>
+): GroupData {
+    assertProperties(record, [
+        "partyId",
+        "uuid",
+        "name",
+        "memberships",
+        "roleMemberships",
+    ]);
+
+    const membershipRecords = record.memberships as Record<string, unknown>[];
+    const roleMembershipRecords = record.roleMemberships as Record<
+        string,
+        unknown
+    >[];
+
+    return {
+        partyId: record.partyId as number,
+        uuid: record.uuid as string,
+        name: record.name as string,
+        memberships: membershipRecords.map((r) =>
+            buildGroupUserMembershipFromRecord(r)
+        ),
+        roleMemberships: roleMembershipRecords.map((r) =>
+            buildPartyRoleMembershipFromRecord(r)
+        ),
+    };
+}
+
+export function buildGroupUserMembershipFromRecord(
+    record: Record<string, unknown>
+): GroupUserMembership {
+    assertProperties(record, ["membershipId", "uuid", "user"]);
+
+    return {
+        membershipId: record.membershipId as number,
+        uuid: record.uuid as string,
+        user: buildPartyIdFromRecord(record.user as Record<string, unknown>),
+    };
+}
+
+function buildPartyIdFromRecord(record: Record<string, unknown>): PartyId {
+    assertProperties(record, ["partyId", "uuid", "name"]);
+
+    return {
+        partyId: record.partyId as number,
+        uuid: record.uuid as string,
+        name: record.name as string,
+    };
+}
+
+export function buildPartyRoleMembershipFromRecord(
+    record: Record<string, unknown>
+): PartyRoleMembership {
+    assertProperties(record, ["membershipId", "uuid", "role"]);
+
+    return {
+        membershipId: record.membershipId as number,
+        uuid: record.uuid as string,
+        role: buildRoleIdFromRecord(record.role as Record<string, unknown>),
+    };
+}
+
+export function buildRoleDataFromRecord(
+    record: Record<string, unknown>
+): RoleData {
+    assertProperties(record, [
+        "roleId",
+        "uuid",
+        "name",
+        "description",
+        "permissions",
+    ]);
+
+    const permissionRecords = record.permissions as Record<string, unknown>[];
+
+    return {
+        roleId: record.roleId as number,
+        uuid: record.uuid as string,
+        name: record.name as string,
+        description: record.description as LocalizedString,
+        permissions: permissionRecords.map((r) =>
+            buildRolePermissionFromRecord(r)
+        ),
+    };
+}
+
+function buildRoleIdFromRecord(record: Record<string, unknown>): RoleId {
+    assertProperties(record, ["roleId", "uuid", "name"]);
+
+    return {
+        roleId: record.roleId as number,
+        uuid: record.uuid as string,
+        name: record.name as string,
+    };
+}
+
+export function buildRolePartyMembershipFromRecord(
+    record: Record<string, unknown>
+): RolePartyMembership {
+    assertProperties(record, ["membershipId", "uuid", "party"]);
+
+    return {
+        membershipId: record.membershipId as number,
+        uuid: record.uuid as string,
+        party: record.party as PartyId,
+    };
+}
+
+export function buildRolePermissionFromRecord(
+    record: Record<string, unknown>
+): RolePermission {
+    assertProperties(record, [
+        "permissionId",
+        "uuid",
+        "grantedPrivilege",
+        "inherited",
+        "object",
+        "creationUser",
+        "creationIp",
+        "inheritedFrom",
+    ]);
+
+    return {
+        permissionId: record.permissionId as number,
+        uuid: record.uuid as string,
+        grantedPrivilege: record.grantedPrivilege as string,
+        inherited: record.inherited as boolean,
+        object: record.object as CcmObjectId,
+        creationUser: record.creationUser as PartyId,
+        creationDate: record.creationDate as Date,
+        creationIp: record.creationIp as string,
+        inheritedFrom: record.inheritedFrom as CcmObjectId,
+    };
+}
+
+export function buildUserDataFromRecord(
+    record: Record<string, unknown>
+): UserData {
+    assertProperties(record, [
+        "partyId",
+        "uuid",
+        "name",
+        "givenName",
+        "familyName",
+        "primaryEmailAddress",
+        "emailAddresses",
+        "banned",
+        "passwordResetRequired",
+        "groupMemberships",
+        "roleMemberships",
+    ]);
+
+    const groupMembershipRecords = record.groupMemberships as Record<
+        string,
+        unknown
+    >[];
+    const roleMembershipRecords = record.roleMemberships as Record<
+        string,
+        unknown
+    >[];
+
+    return {
+        partyId: record.partyId as number,
+        uuid: record.uuid as string,
+        name: record.name as string,
+        givenName: record.givenName as string,
+        familyName: record.familyName as string,
+        primaryEmailAddress: record.primaryEmailAddress as EmailAddressData,
+        emailAddresses: record.emailAddresses as EmailAddressData[],
+        banned: record.banned as boolean,
+        passwordResetRequired: record.passwordResetRequired as boolean,
+        groupMemberships: groupMembershipRecords.map((r) =>
+            buildUserGroupMembershipFromRecord(r)
+        ),
+        roleMemberships: roleMembershipRecords.map((r) =>
+            buildPartyRoleMembershipFromRecord(r)
+        ),
+    };
+}
+
+export function buildUserGroupMembershipFromRecord(
+    record: Record<string, unknown>
+): UserGroupMembership {
+    assertProperties(record, ["membershipId", "uuid", "group"]);
+
+    return {
+        membershipId: record.membershipId as number,
+        uuid: record.uuid as string,
+        group: record.party as PartyId,
+    };
+}