diff --git a/provider/partition-gcp/README.md b/provider/partition-gcp/README.md
index ad2876091436f8940b11e3a338e9013cc954c5ca..95b635050b8acda2dd8a571573b7f220f317d7ac 100644
--- a/provider/partition-gcp/README.md
+++ b/provider/partition-gcp/README.md
@@ -82,6 +82,7 @@ In order to run the service locally or remotely, you will need to have the follo
 | `osm.postgres.username` | ex `postgres` | Postgres admin username | no | - |
 | `osm.postgres.password` | ex `postgres` | Postgres admin password | yes | - |
 | `ENVIRONMENT` | `gcp` or `anthos` | If `anthos` then authorization is disabled | no | - |
+| `SERVICE_ACCOUNT_TAIL` | `****` |By default Partition service while authenticating the request, verifies that the email in provided token belongs to a service account from a specific project by email tail `<GOOGLE_CLOUD_PROJECT> + .iam.gserviceaccount.com`, this behavior can be changed with this variable, you may specify which email tail exactly expected.| no | - |
 
 ## Configuring mappers' Datasources
 
diff --git a/provider/partition-gcp/src/main/java/org/opengroup/osdu/partition/provider/gcp/security/GcpAuthorizationService.java b/provider/partition-gcp/src/main/java/org/opengroup/osdu/partition/provider/gcp/security/GcpAuthorizationService.java
index 0c2a1398c86a1af2dd0b96562d66eed158be2d08..39422914e513f691e795838435f5f59e2600b231 100644
--- a/provider/partition-gcp/src/main/java/org/opengroup/osdu/partition/provider/gcp/security/GcpAuthorizationService.java
+++ b/provider/partition-gcp/src/main/java/org/opengroup/osdu/partition/provider/gcp/security/GcpAuthorizationService.java
@@ -79,11 +79,12 @@ public class GcpAuthorizationService implements IAuthorizationService {
   }
 
   private boolean isAllowedAccount(String accountEmail) {
+    for (String partitionAdmin : configuration.getPartitionAdminAccounts()) {
+      if (partitionAdmin.equals(accountEmail)) {
+        return true;
+      }
+
     if (StringUtils.endsWith(accountEmail, configuration.getServiceAccountTail())) {
-      for (String partitionAdmin : configuration.getPartitionAdminAccounts()) {
-        if (partitionAdmin.equals(accountEmail)) {
-          return true;
-        }
         if (StringUtils.startsWith(accountEmail, partitionAdmin)) {
           return true;
         }