diff --git a/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java b/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
index 0d469306832359795a90ab339dd622f2a93a6d85..a69afee5236d5d4f03873c112f5e1c3e140a992e 100644
--- a/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
+++ b/notification-core/src/main/java/org/opengroup/osdu/notification/auth/AuthorizationFilter.java
@@ -63,25 +63,23 @@ public class AuthorizationFilter {
         if (Arrays.asList(requiredRoles).contains(Config.CRON) && requestInfoExt.isCronRequest()) {
             dpsHeaders.put(DpsHeaders.USER_EMAIL, Config.CRON);
             requestInfoExt.setHeaders(dpsHeaders);
-            return true;
         } else if (Arrays.asList(requiredRoles).contains(Config.PUBSUB)) {
             String jwt = dpsHeaders.getAuthorization().substring(BEARER_PREFIX.length());
             if (!this.validator.isValidPublisherServiceAccount(jwt)) {
-                if (!this.authorizeWithEntitlements(requiredRoles)) {
-                    throw new AppException(401, "Invalid User Identity", "this user is not authorized for this operation");
-                }
+                this.authorizeWithEntitlements(requiredRoles);
+            } else {
+                return false;
             }
-            return true;
         } else {
-            return authorizeWithEntitlements(requiredRoles);
+            authorizeWithEntitlements(requiredRoles);
         }
+        return true;
     }
 
-    private boolean authorizeWithEntitlements(String... requiredRoles) {
-        AuthorizationResponse authorizationResponse = authService.authorizeAny(requestInfoExt.getHeaders(), requiredRoles);
+    private void authorizeWithEntitlements(String... requiredRoles) {
         DpsHeaders dpsHeaders = requestInfoExt.getHeaders();
+        AuthorizationResponse authorizationResponse = authService.authorizeAny(dpsHeaders, requiredRoles);
         dpsHeaders.put(DpsHeaders.USER_EMAIL, authorizationResponse.getUser());
         requestInfoExt.setHeaders(dpsHeaders);
-        return true;
     }
 }
diff --git a/notification-core/src/test/java/org/opengroup/osdu/notification/auth/AuthorizationFilterTest.java b/notification-core/src/test/java/org/opengroup/osdu/notification/auth/AuthorizationFilterTest.java
index 44cfac89b8fb4d17fa2a8ceb07740d18aa3e93d2..5ae208b775bc12e82bf8153278d2f95891c67cd1 100644
--- a/notification-core/src/test/java/org/opengroup/osdu/notification/auth/AuthorizationFilterTest.java
+++ b/notification-core/src/test/java/org/opengroup/osdu/notification/auth/AuthorizationFilterTest.java
@@ -112,7 +112,7 @@ public class AuthorizationFilterTest {
         this.sut.hasAnyPermission(ROLE3);
     }
 
-    @Test
+    @Test(expected = Test.None.class)
     public void should_authenticateRequest_when_isFromPubsubAndUserIdentityIsCorrect() {
         when(headers.getAuthorization()).thenReturn(TEST_PUBSUB_JWT);
         when(this.validator.isValidServiceAccount(any(), any())).thenReturn(true);