diff --git a/src/ScadaLink.CentralUI/Components/Pages/Admin/Sites.razor b/src/ScadaLink.CentralUI/Components/Pages/Admin/Sites.razor
index 4495d1c..c7573f8 100644
--- a/src/ScadaLink.CentralUI/Components/Pages/Admin/Sites.razor
+++ b/src/ScadaLink.CentralUI/Components/Pages/Admin/Sites.razor
@@ -6,6 +6,7 @@
 @attribute [Authorize(Policy = AuthorizationPolicies.RequireAdmin)]
 @inject ISiteRepository SiteRepository
 @inject ArtifactDeploymentService ArtifactDeploymentService
+@inject AuthenticationStateProvider AuthStateProvider
 
 <div class="container-fluid mt-3">
     <div class="d-flex justify-content-between align-items-center mb-3">
@@ -126,6 +127,12 @@
 </div>
 
 @code {
+    private async Task<string> GetCurrentUserAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        return authState.User.FindFirst("Username")?.Value ?? "unknown";
+    }
+
     private List<Site> _sites = new();
     private Dictionary<int, List<DataConnection>> _siteConnections = new();
     private bool _loading = true;
@@ -270,8 +277,9 @@
         try
         {
             var command = await ArtifactDeploymentService.BuildDeployArtifactsCommandAsync();
+            var user = await GetCurrentUserAsync();
             var result = await ArtifactDeploymentService.RetryForSiteAsync(
-                site.SiteIdentifier, command, "system");
+                site.SiteIdentifier, command, user);
 
             if (result.IsSuccess)
                 _toast.ShowSuccess($"Artifacts deployed to '{site.Name}'.");
@@ -294,7 +302,8 @@
         try
         {
             var command = await ArtifactDeploymentService.BuildDeployArtifactsCommandAsync();
-            var result = await ArtifactDeploymentService.DeployToAllSitesAsync(command, "system");
+            var user = await GetCurrentUserAsync();
+            var result = await ArtifactDeploymentService.DeployToAllSitesAsync(command, user);
 
             if (result.IsSuccess)
             {
diff --git a/src/ScadaLink.CentralUI/Components/Pages/Deployment/Instances.razor b/src/ScadaLink.CentralUI/Components/Pages/Deployment/Instances.razor
index 4e239f5..6c7e7fe 100644
--- a/src/ScadaLink.CentralUI/Components/Pages/Deployment/Instances.razor
+++ b/src/ScadaLink.CentralUI/Components/Pages/Deployment/Instances.razor
@@ -14,6 +14,7 @@
 @inject IDeploymentManagerRepository DeploymentManagerRepository
 @inject DeploymentService DeploymentService
 @inject InstanceService InstanceService
+@inject AuthenticationStateProvider AuthStateProvider
 
 <div class="container-fluid mt-3">
     <div class="d-flex justify-content-between align-items-center mb-3">
@@ -271,6 +272,12 @@
 </div>
 
 @code {
+    private async Task<string> GetCurrentUserAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        return authState.User.FindFirst("Username")?.Value ?? "unknown";
+    }
+
     private List<Instance> _allInstances = new();
     private List<Instance> _filteredInstances = new();
     private List<Instance> _pagedInstances = new();
@@ -395,7 +402,7 @@
         _actionInProgress = true;
         try
         {
-            var user = "system"; // Would come from auth context
+            var user = await GetCurrentUserAsync();
             var result = await DeploymentService.EnableInstanceAsync(inst.Id, user);
             if (result.IsSuccess)
             {
@@ -424,7 +431,7 @@
         _actionInProgress = true;
         try
         {
-            var user = "system";
+            var user = await GetCurrentUserAsync();
             var result = await DeploymentService.DisableInstanceAsync(inst.Id, user);
             if (result.IsSuccess)
             {
@@ -448,7 +455,7 @@
         _actionInProgress = true;
         try
         {
-            var user = "system";
+            var user = await GetCurrentUserAsync();
             var result = await DeploymentService.DeployInstanceAsync(inst.Id, user);
             if (result.IsSuccess)
             {
@@ -477,7 +484,7 @@
         _actionInProgress = true;
         try
         {
-            var user = "system";
+            var user = await GetCurrentUserAsync();
             var result = await DeploymentService.DeleteInstanceAsync(inst.Id, user);
             if (result.IsSuccess)
             {
@@ -521,8 +528,9 @@
 
         try
         {
+            var user = await GetCurrentUserAsync();
             var result = await InstanceService.CreateInstanceAsync(
-                _createName.Trim(), _createTemplateId, _createSiteId, null, "system");
+                _createName.Trim(), _createTemplateId, _createSiteId, null, user);
             if (result.IsSuccess)
             {
                 _showCreateForm = false;
@@ -616,8 +624,9 @@
                 .Select(kv => (kv.Key, kv.Value))
                 .ToList();
 
+            var user = await GetCurrentUserAsync();
             var result = await InstanceService.SetConnectionBindingsAsync(
-                _bindingInstanceId, bindings, "system");
+                _bindingInstanceId, bindings, user);
 
             if (result.IsSuccess)
             {
diff --git a/src/ScadaLink.CentralUI/Components/Pages/Design/SharedScripts.razor b/src/ScadaLink.CentralUI/Components/Pages/Design/SharedScripts.razor
index 609500c..b3e5472 100644
--- a/src/ScadaLink.CentralUI/Components/Pages/Design/SharedScripts.razor
+++ b/src/ScadaLink.CentralUI/Components/Pages/Design/SharedScripts.razor
@@ -6,6 +6,7 @@
 @attribute [Authorize(Policy = AuthorizationPolicies.RequireDesign)]
 @inject ITemplateEngineRepository TemplateEngineRepository
 @inject SharedScriptService SharedScriptService
+@inject AuthenticationStateProvider AuthStateProvider
 
 <div class="container-fluid mt-3">
     <div class="d-flex justify-content-between align-items-center mb-3">
@@ -112,6 +113,12 @@
 </div>
 
 @code {
+    private async Task<string> GetCurrentUserAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        return authState.User.FindFirst("Username")?.Value ?? "unknown";
+    }
+
     private List<SharedScript> _scripts = new();
     private bool _loading = true;
     private string? _errorMessage;
@@ -203,8 +210,9 @@
         {
             if (_editingScript != null)
             {
+                var user = await GetCurrentUserAsync();
                 var result = await SharedScriptService.UpdateSharedScriptAsync(
-                    _editingScript.Id, _formCode, _formParameters?.Trim(), _formReturn?.Trim(), "system");
+                    _editingScript.Id, _formCode, _formParameters?.Trim(), _formReturn?.Trim(), user);
                 if (result.IsSuccess)
                 {
                     _showForm = false;
@@ -218,8 +226,9 @@
             }
             else
             {
+                var user = await GetCurrentUserAsync();
                 var result = await SharedScriptService.CreateSharedScriptAsync(
-                    _formName.Trim(), _formCode, _formParameters?.Trim(), _formReturn?.Trim(), "system");
+                    _formName.Trim(), _formCode, _formParameters?.Trim(), _formReturn?.Trim(), user);
                 if (result.IsSuccess)
                 {
                     _showForm = false;
@@ -267,7 +276,8 @@
 
         try
         {
-            var result = await SharedScriptService.DeleteSharedScriptAsync(script.Id, "system");
+            var user = await GetCurrentUserAsync();
+            var result = await SharedScriptService.DeleteSharedScriptAsync(script.Id, user);
             if (result.IsSuccess)
             {
                 _toast.ShowSuccess($"Script '{script.Name}' deleted.");
diff --git a/src/ScadaLink.CentralUI/Components/Pages/Design/Templates.razor b/src/ScadaLink.CentralUI/Components/Pages/Design/Templates.razor
index 8f12274..5c13762 100644
--- a/src/ScadaLink.CentralUI/Components/Pages/Design/Templates.razor
+++ b/src/ScadaLink.CentralUI/Components/Pages/Design/Templates.razor
@@ -10,6 +10,7 @@
 @attribute [Authorize(Policy = AuthorizationPolicies.RequireDesign)]
 @inject ITemplateEngineRepository TemplateEngineRepository
 @inject TemplateService TemplateService
+@inject AuthenticationStateProvider AuthStateProvider
 
 <div class="container-fluid mt-3">
     <ToastNotification @ref="_toast" />
@@ -234,6 +235,12 @@
 </div>
 
 @code {
+    private async Task<string> GetCurrentUserAsync()
+    {
+        var authState = await AuthStateProvider.GetAuthenticationStateAsync();
+        return authState.User.FindFirst("Username")?.Value ?? "unknown";
+    }
+
     [Parameter] public int TemplateIdParam { get; set; }
 
     private List<Template> _templates = new();
@@ -386,9 +393,10 @@
 
         try
         {
+            var user = await GetCurrentUserAsync();
             var result = await TemplateService.CreateTemplateAsync(
                 _createName.Trim(), _createDescription?.Trim(),
-                _createParentId == 0 ? null : _createParentId, "system");
+                _createParentId == 0 ? null : _createParentId, user);
 
             if (result.IsSuccess)
             {
@@ -416,7 +424,8 @@
 
         try
         {
-            var result = await TemplateService.DeleteTemplateAsync(template.Id, "system");
+            var user = await GetCurrentUserAsync();
+            var result = await TemplateService.DeleteTemplateAsync(template.Id, user);
             if (result.IsSuccess)
             {
                 _toast.ShowSuccess($"Template '{template.Name}' deleted.");
@@ -438,9 +447,10 @@
         if (_selectedTemplate == null) return;
         try
         {
+            var user = await GetCurrentUserAsync();
             var result = await TemplateService.UpdateTemplateAsync(
                 _selectedTemplate.Id, _editName.Trim(), _editDescription?.Trim(),
-                _editParentId == 0 ? null : _editParentId, "system");
+                _editParentId == 0 ? null : _editParentId, user);
 
             if (result.IsSuccess)
             {
@@ -835,7 +845,8 @@
             DataSourceReference = _attrDataSourceRef?.Trim()
         };
 
-        var result = await TemplateService.AddAttributeAsync(_selectedTemplate.Id, attr, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.AddAttributeAsync(_selectedTemplate.Id, attr, user);
         if (result.IsSuccess)
         {
             _showAttrForm = false;
@@ -852,7 +863,8 @@
     {
         var confirmed = await _confirmDialog.ShowAsync($"Delete attribute '{attr.Name}'?", "Delete Attribute");
         if (!confirmed) return;
-        var result = await TemplateService.DeleteAttributeAsync(attr.Id, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.DeleteAttributeAsync(attr.Id, user);
         if (result.IsSuccess)
         {
             _toast.ShowSuccess($"Attribute '{attr.Name}' deleted.");
@@ -878,7 +890,8 @@
             IsLocked = _alarmIsLocked
         };
 
-        var result = await TemplateService.AddAlarmAsync(_selectedTemplate.Id, alarm, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.AddAlarmAsync(_selectedTemplate.Id, alarm, user);
         if (result.IsSuccess)
         {
             _showAlarmForm = false;
@@ -895,7 +908,8 @@
     {
         var confirmed = await _confirmDialog.ShowAsync($"Delete alarm '{alarm.Name}'?", "Delete Alarm");
         if (!confirmed) return;
-        var result = await TemplateService.DeleteAlarmAsync(alarm.Id, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.DeleteAlarmAsync(alarm.Id, user);
         if (result.IsSuccess)
         {
             _toast.ShowSuccess($"Alarm '{alarm.Name}' deleted.");
@@ -918,7 +932,8 @@
             IsLocked = _scriptIsLocked
         };
 
-        var result = await TemplateService.AddScriptAsync(_selectedTemplate.Id, script, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.AddScriptAsync(_selectedTemplate.Id, script, user);
         if (result.IsSuccess)
         {
             _showScriptForm = false;
@@ -935,7 +950,8 @@
     {
         var confirmed = await _confirmDialog.ShowAsync($"Delete script '{script.Name}'?", "Delete Script");
         if (!confirmed) return;
-        var result = await TemplateService.DeleteScriptAsync(script.Id, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.DeleteScriptAsync(script.Id, user);
         if (result.IsSuccess)
         {
             _toast.ShowSuccess($"Script '{script.Name}' deleted.");
@@ -951,8 +967,9 @@
         if (string.IsNullOrWhiteSpace(_compInstanceName)) { _compFormError = "Instance name is required."; return; }
         if (_compComposedTemplateId == 0) { _compFormError = "Select a template."; return; }
 
+        var user = await GetCurrentUserAsync();
         var result = await TemplateService.AddCompositionAsync(
-            _selectedTemplate.Id, _compComposedTemplateId, _compInstanceName.Trim(), "system");
+            _selectedTemplate.Id, _compComposedTemplateId, _compInstanceName.Trim(), user);
         if (result.IsSuccess)
         {
             _showCompForm = false;
@@ -969,7 +986,8 @@
     {
         var confirmed = await _confirmDialog.ShowAsync($"Remove composition '{comp.InstanceName}'?", "Delete Composition");
         if (!confirmed) return;
-        var result = await TemplateService.DeleteCompositionAsync(comp.Id, "system");
+        var user = await GetCurrentUserAsync();
+        var result = await TemplateService.DeleteCompositionAsync(comp.Id, user);
         if (result.IsSuccess)
         {
             _toast.ShowSuccess($"Composition '{comp.InstanceName}' removed.");