In your AAA profile, make sure you are using the default server group and that the default server group has the "set role condition..." rule attached to it. The "set role condition role value-of" is the rule that says, return the role that the internal user has defined. If you are using a server group without that rule present for authentication, it will only return the default role for that AAA profile.
aaa server-group "default"
auth-server Internal
set role condition role value-of