diff --git a/Jellyfin.Api/Auth/SyncPlayAccessPolicy/SyncPlayAccessHandler.cs b/Jellyfin.Api/Auth/SyncPlayAccessPolicy/SyncPlayAccessHandler.cs
index 2c3294523..b5932ea6b 100644
--- a/Jellyfin.Api/Auth/SyncPlayAccessPolicy/SyncPlayAccessHandler.cs
+++ b/Jellyfin.Api/Auth/SyncPlayAccessPolicy/SyncPlayAccessHandler.cs
@@ -43,7 +43,7 @@ namespace Jellyfin.Api.Auth.SyncPlayAccessPolicy
var user = _userManager.GetUserById(userId!.Value);
if ((requirement.RequiredAccess.HasValue && user.SyncPlayAccess == requirement.RequiredAccess)
- || (user.SyncPlayAccess == SyncPlayAccess.JoinGroups || user.SyncPlayAccess == SyncPlayAccess.CreateAndJoinGroups))
+ || user.SyncPlayAccess == SyncPlayAccess.CreateAndJoinGroups)
{
context.Succeed(requirement);
}
diff --git a/Jellyfin.Api/Controllers/SyncPlayController.cs b/Jellyfin.Api/Controllers/SyncPlayController.cs
index 32e020c8a..471c9180d 100644
--- a/Jellyfin.Api/Controllers/SyncPlayController.cs
+++ b/Jellyfin.Api/Controllers/SyncPlayController.cs
@@ -69,6 +69,7 @@ namespace Jellyfin.Api.Controllers
/// A indicating success.
[HttpPost("Join")]
[ProducesResponseType(StatusCodes.Status204NoContent)]
+ [Authorize(Policy = Policies.SyncPlayAccess)]
public ActionResult SyncPlayJoinGroup(
[FromBody, Required] JoinGroupRequestDto requestData)
{
@@ -100,6 +101,7 @@ namespace Jellyfin.Api.Controllers
/// An containing the available SyncPlay groups.
[HttpGet("List")]
[ProducesResponseType(StatusCodes.Status200OK)]
+ [Authorize(Policy = Policies.SyncPlayAccess)]
public ActionResult> SyncPlayGetGroups()
{
var currentSession = RequestHelpers.GetSession(_sessionManager, _authorizationContext, Request);
diff --git a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
index cdcc4bb86..7c4d341df 100644
--- a/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
+++ b/Jellyfin.Server/Extensions/ApiServiceCollectionExtensions.cs
@@ -131,7 +131,7 @@ namespace Jellyfin.Server.Extensions
policy =>
{
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
- policy.AddRequirements(new SyncPlayAccessRequirement());
+ policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccess.JoinGroups));
});
options.AddPolicy(
Policies.SyncPlayCreateGroupAccess,