diff --git a/services/targo-hub/server.js b/services/targo-hub/server.js
index 969a39e..34d083e 100644
--- a/services/targo-hub/server.js
+++ b/services/targo-hub/server.js
@@ -39,7 +39,7 @@ const server = http.createServer(async (req, res) => {
   const method = req.method
 
   res.setHeader('Access-Control-Allow-Origin', '*')
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
+  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS')
   res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Authentik-Email, X-Authentik-Groups')
   if (method === 'OPTIONS') { res.writeHead(204); return res.end() }