diff --git a/cvat/apps/iam/permissions.py b/cvat/apps/iam/permissions.py
index f97d73210141..b4e802378f96 100644
--- a/cvat/apps/iam/permissions.py
+++ b/cvat/apps/iam/permissions.py
@@ -151,7 +151,7 @@ def check_access(self) -> PermissionResult:
             response = session.post(self.url, json=self.payload)
             output = response.json()['result']
 
-        allow = True
+        allow = False
         reasons = []
         if isinstance(output, dict):
             allow = output['allow']