diff --git a/src/FederationServer/Classes/Configuration.php b/src/FederationServer/Classes/Configuration.php
index 9894335..40447a8 100644
--- a/src/FederationServer/Classes/Configuration.php
+++ b/src/FederationServer/Classes/Configuration.php
@@ -4,7 +4,6 @@
 use FederationServer\Classes\Configuration\DatabaseConfiguration;
 use FederationServer\Classes\Configuration\RedisConfiguration;
- use FederationServer\Classes\Configuration\FileStorageConfiguration;
 use FederationServer\Classes\Configuration\ServerConfiguration;
 use FederationServer\Classes\Enums\AuditLogType;
@@ -36,6 +35,7 @@
 self::$configuration->setDefault('server.public_audit_entries', array_map(fn($type) => $type->value, AuditLogType::cases()));
 self::$configuration->setDefault('server.public_evidence', true);
 self::$configuration->setDefault('server.public_blacklist', true);
+ self::$configuration->setDefault('server.public_entities', true);
 self::$configuration->setDefault('server.min_blacklist_time', 1800);
 self::$configuration->setDefault('database.host', '127.0.0.1');
diff --git a/src/FederationServer/Classes/Configuration/ServerConfiguration.php b/src/FederationServer/Classes/Configuration/ServerConfiguration.php
index 554b0da..a9a0976 100644
--- a/src/FederationServer/Classes/Configuration/ServerConfiguration.php
+++ b/src/FederationServer/Classes/Configuration/ServerConfiguration.php
@@ -23,6 +23,7 @@
 private array $publicAuditEntries;
 private bool $publicEvidence;
 private bool $publicBlacklist;
+ private bool $publicEntities = true;
 private int $minBlacklistTime;
 /**
@@ -46,6 +47,7 @@
 $this->publicAuditEntries = array_map(fn($type) => AuditLogType::from($type), $config['public_audit_entries'] ?? []);
 $this->publicEvidence = $config['public_evidence'] ?? true;
 $this->publicBlacklist = $config['public_blacklist'] ?? true;
+ $this->publicEntities = $config['public_entities'] ?? true;
 $this->minBlacklistTime = $config['min_blacklist_time'] ?? 1800;
 }
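Review bot: The added `$this->publicEntities = $config['public_entities'] ?? true;` in the ServerConfiguration constructor (hunk @@ -46,6 +47,7 @@) stores an access-control flag without checking its type and falls back to public when the key is absent. If the configured value arrives as a string such as 'false', the typed `bool` property will either coerce it to true under weak typing or raise a TypeError under strict typing; which mode applies is not visible here. Parsing the value explicitly and failing closed on anything unrecognised would be safer: `$this->publicEntities = filter_var($config['public_entities'] ?? true, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE) ?? false;`. The `= true` initializer added in the property hunk (@@ -23,6 +23,7 @@) is redundant with the constructor assignment and differs from the sibling flags, which have no initializer. The constructor starts outside the hunk.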
@@ -189,6 +191,16 @@
 return $this->publicBlacklist;
 }
+ /**
+ * Checks if entities are publicly accessible
+ *
+ * @return bool True if public entities is enabled, false otherwise
+ */
+ public function isEntitiesPublic(): bool
+ {
+ return $this->publicEntities;
+ }
+
 /**
 * Returns the minimum allowed time that a blacklist could be set to expire, for example
 * 1800 = 30 Minutes, if a blacklist is set to expire within 30 minutes or more, it's valid, otherwise
diff --git a/src/FederationServer/Methods/Entities/GetEntityRecord.php b/src/FederationServer/Methods/Entities/GetEntityRecord.php
index 249e835..f06f9dc 100644
--- a/src/FederationServer/Methods/Entities/GetEntityRecord.php
+++ b/src/FederationServer/Methods/Entities/GetEntityRecord.php
@@ -17,6 +17,12 @@
 */
 public static function handleRequest(): void
 {
+ $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+ if(!Configuration::getServerConfiguration()->isEntitiesPublic() && $authenticatedOperator === null)
+ {
+ throw new RequestException('Unauthorized: You must be authenticated to view entity records', 401);
+ }
+
 if(!preg_match('#^/entities/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
 {
 throw new RequestException('Bad Request: Entity UUID is required', 400);
diff --git a/src/FederationServer/Methods/Entities/ListEntities.php b/src/FederationServer/Methods/Entities/ListEntities.php
index bbe8264..d39dcd1 100644
--- a/src/FederationServer/Methods/Entities/ListEntities.php
+++ b/src/FederationServer/Methods/Entities/ListEntities.php
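Review bot: The guard added at the top of GetEntityRecord::handleRequest() only works if `FederationServer::getAuthenticatedOperator()` called with no argument returns null for an anonymous request instead of throwing, and that contract is not visible in this diff. The ListEntityAuditLogs hunk drops the explicit `false` argument in the same commit, so the method's default now decides both whether public mode still serves anonymous callers and whether a request carrying invalid credentials is rejected or silently treated as anonymous. A comment above the call would pin the expectation down, for example `// returns null when no credentials are presented; invalid credentials must throw rather than fall through as anonymous`, and a test with `server.public_entities` set to false and no credentials would confirm it. Any authenticated operator passes the gate with no permission check, which may be intended but is worth stating. handleRequest() continues past the end of the hunk.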
@@ -16,6 +16,12 @@
 */
 public static function handleRequest(): void
 {
+ $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+ if(!Configuration::getServerConfiguration()->isEntitiesPublic() && $authenticatedOperator === null)
+ {
+ throw new RequestException('Unauthorized: You must be authenticated to view entity records', 401);
+ }
+
 $limit = (int) (FederationServer::getParameter('limit') ?? Configuration::getServerConfiguration()->getListEntitiesMaxItems());
 $page = (int) (FederationServer::getParameter('page') ?? 1);
diff --git a/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php b/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
index 818e8e5..4469efd 100644
--- a/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
+++ b/src/FederationServer/Methods/Entities/ListEntityAuditLogs.php
@@ -17,7 +17,7 @@
 */
 public static function handleRequest(): void
 {
- $authenticatedOperator = FederationServer::getAuthenticatedOperator(false);
+ $authenticatedOperator = FederationServer::getAuthenticatedOperator();
 if(!Configuration::getServerConfiguration()->isAuditLogsPublic() && $authenticatedOperator === null)
 {
 throw new RequestException('Unauthorized: Public audit logs are disabled and no operator is authenticated', 403);
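Review bot: The guard added to ListEntities::handleRequest() is a verbatim copy of the one added to GetEntityRecord, and it answers 401 where ListEntityAuditLogs answers 403 for the equivalent "not public and not authenticated" condition. Copied authorization checks tend to drift apart, so a single helper called from both handlers would be easier to audit; a possible shape is `FederationServer::requirePublicOrAuthenticated(bool $isPublic): void` (a suggested name, not an existing method). 401 is the fitting status for missing credentials, so aligning the audit-log handler on it would give clients one consistent signal. The handler body continues outside the hunk.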
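Review bot: The entity audit-log endpoint is not covered by the new `isEntitiesPublic()` gate: ListEntityAuditLogs::handleRequest() still checks only `isAuditLogsPublic()`, so with `server.public_entities` set to false and audit logs left public an anonymous caller can presumably still read per-entity audit history. Whether those entries expose entity identifiers or attributes is not visible here, but if they do, the new setting does not fully hide entities. Consider widening the condition, with `$config = Configuration::getServerConfiguration();`, to `if((!$config->isAuditLogsPublic() || !$config->isEntitiesPublic()) && $authenticatedOperator === null)`. The endpoints behind `server.public_blacklist` and `server.public_evidence` deserve the same check if they return entity data. The handler body continues outside the hunk.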