diff --git a/connect/usecases/authorizations/delete.py b/connect/usecases/authorizations/delete.py
index f941fb83..bc3bd1c4 100644
--- a/connect/usecases/authorizations/delete.py
+++ b/connect/usecases/authorizations/delete.py
@@ -1,4 +1,5 @@
 from django.db.models import QuerySet
+from rest_framework.exceptions import PermissionDenied
 from connect.common.models import (
     Organization,
     User,
@@ -53,6 +54,8 @@ def delete_project_authorization(self, project: Project, user: User, role: int =
         )
 
     def delete_authorization(self, auth_dto: DeleteAuthorizationDTO):
+        if auth_dto.request_user:
+            request_user : User = RetrieveUserUseCase().get_user_by_email(email=auth_dto.request_user)
         if auth_dto.user_email:
             user: User = RetrieveUserUseCase().get_user_by_email(email=auth_dto.user_email)
 
@@ -61,6 +64,9 @@ def delete_authorization(self, auth_dto: DeleteAuthorizationDTO):
         org: Organization = RetrieveOrganizationUseCase().get_organization_by_uuid(org_uuid=auth_dto.org_uuid)
 
+        if not org.authorizations.filter(user=request_user).exists():
+            raise PermissionDenied("User does not have permission to perform this action")
+
         org_auth = org.authorizations.get(user=user)
         projects_uuids: QuerySet = user.project_authorizations_user.filter(organization_authorization__organization=org).values_list("project", flat=True)
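Review bot: `request_user` is bound only inside the added `if auth_dto.request_user:` branch, so a DTO without a request user leaves the name unbound and the permission check added in the following hunk (`org.authorizations.filter(user=request_user)`) fails with UnboundLocalError rather than denying the call. Fail closed instead: `if not auth_dto.request_user: raise PermissionDenied("User does not have permission to perform this action")`, then bind `request_user` unconditionally. Separately, that later check only confirms the requester holds some authorization in the organization, not a role that allows removing another user's access; if the role field is meant to gate this, the check should also compare the requester's authorization role (the role values are not visible in this hunk). delete_authorization continues past the end of this hunk.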