1 files changed, 8 insertions, 8 deletions

diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index c4567d058..7d68aecf9 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -1,5 +1,4 @@
-using System;
-using System.Security.Claims;
+using System.Security.Claims;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Common.Extensions;
@@ -51,6 +50,13 @@ namespace Jellyfin.Api.Auth
             bool localAccessOnly = false,
             bool requiredDownloadPermission = false)
         {
+            // ApiKey is currently global admin, always allow.
+            var isApiKey = ClaimHelpers.GetIsApiKey(claimsPrincipal);
+            if (isApiKey)
+            {
+                return true;
+            }
+
             // Ensure claim has userId.
             var userId = ClaimHelpers.GetUserId(claimsPrincipal);
             if (!userId.HasValue)
@@ -58,12 +64,6 @@ namespace Jellyfin.Api.Auth
                 return false;
             }
 
-            // UserId of Guid.Empty means token is an apikey.
-            if (userId.Equals(Guid.Empty))
-            {
-                return true;
-            }
-
             // Ensure userId links to a valid user.
             var user = _userManager.GetUserById(userId.Value);
             if (user == null)