diff --git a/backend/app/schemas/auth.py b/backend/app/schemas/auth.py
index 9cd7776..cba9755 100644
--- a/backend/app/schemas/auth.py
+++ b/backend/app/schemas/auth.py
@@ -62,3 +62,9 @@ class ChangePasswordRequest(BaseModel):
 
     old_password: str
     new_password: str
+
+
+class MFADisableRequest(BaseModel):
+    """Password confirmation required to disable MFA."""
+
+    password: str
diff --git a/backend/app/schemas/user.py b/backend/app/schemas/user.py
index 6856aa4..abb0b7d 100644
--- a/backend/app/schemas/user.py
+++ b/backend/app/schemas/user.py
@@ -12,6 +12,10 @@ class UserResponse(BaseModel):
     id: int
     username: str
     email: str
+    first_name: Optional[str] = None
+    last_name: Optional[str] = None
+    display_name: Optional[str] = None
+    avatar_url: Optional[str] = None
     role: str
     mfa_enabled: bool
     is_active: bool
@@ -30,6 +34,16 @@ class UserCreate(BaseModel):
     role: str = "dak_mitarbeiter"
 
 
+class ProfileUpdate(BaseModel):
+    """Self-service profile update (authenticated user edits own data)."""
+
+    first_name: Optional[str] = None
+    last_name: Optional[str] = None
+    display_name: Optional[str] = None
+    username: Optional[str] = None
+    email: Optional[EmailStr] = None
+
+
 class UserUpdate(BaseModel):
     """Admin-only: partial update of user fields."""