diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md
index cc6541b57..164b06de8 100644
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@@ -12,24 +12,6 @@ Use the following playbook configuration:
 matrix_mautrix_signal_enabled: true
 ```
 
-To specify which users have access to the bridge, use the variable `matrix_mautrix_signal_configuration_permissions`.
-Refer to the documentation for
-```yaml
-bridge:
-  permissions:
-```
-in [the example config in mautrix-signal](https://github.com/tulir/mautrix-signal/blob/master/mautrix_signal/example-config.yaml).
-For instance, use
-```yaml
-matrix_mautrix_signal_configuration_permissions: |
-  {
-    '{{ matrix_domain }}': 'user'
-  }
-```
-to allow all users registered to the current host's matrix domain access to the bridge, or hard-code whatever you like.
-(See [this issue](https://github.com/ansible/ansible/issues/17324#issuecomment-449642731) on how to use variable names as dictionary keys.)
-
-
 ## Set up Double Puppeting
 
 If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-whatsapp/wiki/Authentication#replacing-whatsapp-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it.
diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
index d46c2c500..d15ba6e3d 100644
--- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -67,15 +67,6 @@ matrix_mautrix_signal_login_shared_secret: ''
 # or completely replace this variable with your own template.
 matrix_mautrix_signal_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
 
-# Permitted values:
-#       user - Use the bridge with puppeting.
-#      admin - Use and administrate the bridge.
-# Permitted keys:
-#        * - All Matrix users
-#   domain - All users on that homeserver
-#     mxid - Specific user
-matrix_mautrix_signal_configuration_permissions: {}
-
 matrix_mautrix_signal_configuration_extension_yaml: |
   # Your custom YAML configuration goes here.
   # This configuration extends the default starting configuration (`matrix_mautrix_signal_configuration_yaml`).
diff --git a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml
index 397ef4d87..100af3f87 100644
--- a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml
+++ b/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml
@@ -25,3 +25,4 @@
     - {'old': 'matrix_mautrix_signal_db_host', 'new': 'matrix_mautrix_signal_database_hostname'}
     - {'old': 'matrix_mautrix_signal_db_port', 'new': 'matrix_mautrix_signal_database_port'}
     - {'old': 'matrix_mautrix_signal_db_url', 'new': 'matrix_mautrix_signal_database_connection_string'}
+    - {'old': 'matrix_mautrix_signal_configuration_permissions', 'new': '<superseded by matrix_mautrix_signal_configuration_extension_yaml>'}
diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
index 4335b023a..68ed1d6d6 100644
--- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
@@ -172,7 +172,8 @@ bridge:
     #        * - All Matrix users
     #   domain - All users on that homeserver
     #     mxid - Specific user
-    permissions: {{ matrix_mautrix_signal_configuration_permissions }} 
+    permissions:
+      '{{ matrix_mautrix_signal_homeserver_domain }}': user
 
 
 # Python logging configuration.