diff --git a/plugins/baser-core/src/Service/PermissionsService.php b/plugins/baser-core/src/Service/PermissionsService.php
index f4b26a5dea..8de0531c6c 100644
--- a/plugins/baser-core/src/Service/PermissionsService.php
+++ b/plugins/baser-core/src/Service/PermissionsService.php
@@ -28,7 +28,6 @@
 use BaserCore\Annotation\Checked;
 use BaserCore\Annotation\Note;
 use Cake\Routing\Router;
-use Cake\Utility\Inflector;
 
 /**
 * Class PermissionsService
@@ -493,14 +492,6 @@ private function checkGroup(
 if ($type === 1) return true;
 }
 
- // URLのプレフィックスを標準の文字列に戻す
- foreach(Configure::read('BcPrefixAuth') as $key => $value) {
- $prefixAreas = Configure::read('BcApp.' . Inflector::variable($key) . 'Prefix');
- if(!$prefixAreas) continue;
- $regex = '/^' . preg_quote('/' . Configure::read('BcApp.baserCorePrefix') . '/' . $prefixAreas . '/', '/') . '/';
- $url = preg_replace($regex, '/baser/' . Inflector::underscore($key) . '/', $url);
- }
-
 return $this->isAuthorized($prefixAuthSetting['permissionType'], $url, $method, $groupPermission);
 }
 
@@ -555,10 +546,24 @@ public function convertRegexUrl(string $url)
 $url = str_replace('{loginUserId}', $user->id, $url);
 }
 }
- $prefix = BcUtil::getPrefix();
- if($prefix !== '/baser/admin') {
- $url = preg_replace('/^\/baser\/admin/', BcUtil::getPrefix(), $url);
- }
+ $baserCorePrefix = BcUtil::getBaserCorePrefix();
+ $apiPrefix = Configure::read('BcApp.apiPrefix');
+ $adminPrefix = BcUtil::getAdminPrefix();
+ $apiAdminAlias = Configure::read('BcPrefixAuth.Api/Admin.alias') ?: '/' . $apiPrefix . '/admin';
+ $adminAlias = Configure::read('BcPrefixAuth.Admin.alias') ?: '/' . $adminPrefix;
+ // DB に保存された標準プレフィックス(/baser/api/admin, /baser/admin)を
+ // .env の設定値に基づく実際のプレフィックスに変換する
+ $url = preg_replace(
+ [
+ '/^\/baser\/' . preg_quote($apiPrefix, '/') . '\/admin/',
+ '/^\/baser\/admin/',
+ ],
+ [
+ '/' . $baserCorePrefix . $apiAdminAlias,
+ '/' . $baserCorePrefix . $adminAlias,
+ ],
+ $url
+ );
 $pattern = preg_quote($url, '/');
 $pattern = str_replace('\*', '.*?', $pattern);
 return '/^' . str_replace('\/.*?', '(|\/.*?)', $pattern) . '$/is';
diff --git a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php
index f54b3fa175..61c87278ba 100644
--- a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php
+++ b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php
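Review bot: The first pattern added to `convertRegexUrl` is built from the configured `BcApp.apiPrefix`, while the comment added just above it says rules are stored in the DB with the fixed standard prefix `/baser/api/admin`; with a non-default API prefix a stored rule would apparently match neither pattern and stay unconverted. Because this commit also removes the request-URL normalisation loop from `checkGroup`, this conversion is the only place the stored and the actual prefix are reconciled, so a miss means the permission rule silently never matches the request (whether that ends up allowing or denying depends on `isAuthorized`, which is outside the hunk). I would match the stored literal and anchor on a path boundary so that a path such as `/baser/administrators` is not rewritten: `'/^\/baser\/api\/admin(?=\/|$)/',` and `'/^\/baser\/admin(?=\/|$)/',`. The removed loop also covered every `BcPrefixAuth` entry, whereas only `Admin` and `Api/Admin` are handled here, which is worth confirming as intended. The function starts before the hunk and its closing brace is outside it.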
@@ -513,6 +513,22 @@ public function testConvertRegexUrl(): void $expected = '/^\/admin\/posts(|\/.*?)$/is'; $result = $this->PermissionsService->convertRegexUrl($url); $this->assertEquals($expected, $result); + + // DB保存の標準プレフィックスが実際のprefix aliasに変換されることを確認 + $baserCorePrefix = BcUtil::getBaserCorePrefix(); + $adminAlias = Configure::read('BcPrefixAuth.Admin.alias'); + $apiAdminAlias = Configure::read('BcPrefixAuth.Api/Admin.alias'); + + $url = '/baser/admin/baser-core/contents/index'; + $expected = '/^\/' . preg_quote($baserCorePrefix . $adminAlias . '/baser-core/contents/index', '/') . '$/is'; + $result = $this->PermissionsService->convertRegexUrl($url); + $this->assertEquals($expected, $result); + + $url = '/baser/api/admin/baser-core/contents/index.json'; + $expected = '/^\/' . preg_quote($baserCorePrefix . $apiAdminAlias . '/baser-core/contents/index.json', '/') . '$/is'; + $result = $this->PermissionsService->convertRegexUrl($url); + $this->assertEquals($expected, $result); + } /**
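Review bot: Both new cases in `testConvertRegexUrl` build `$expected` from the same `BcPrefixAuth.*.alias` values the service reads, so they only pin the default configuration and never reach the `?:` fallback or a customised `BcApp.apiPrefix`. The test also reads the aliases without that fallback, so if an alias is unset in the test configuration the assertion would fail for a reason unrelated to the service. Since this conversion decides which URLs a permission rule applies to, I would add a case that sets a non-default prefix, e.g. `Configure::write('BcApp.apiPrefix', 'custom-api');` (a constructed value, restored afterwards), and asserts the pattern produced for a stored `/baser/api/admin/...` rule.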