diff --git a/src/FederationServer/Methods/Entities/DeleteEntity.php b/src/FederationServer/Methods/Entities/DeleteEntity.php
index 29d70b7..725fa70 100644
--- a/src/FederationServer/Methods/Entities/DeleteEntity.php
+++ b/src/FederationServer/Methods/Entities/DeleteEntity.php
@@ -16,6 +16,12 @@
 */
 public static function handleRequest(): void
 {
+ $authenticatedOperator = FederationServer::getAuthenticatedOperator();
+ if(!$authenticatedOperator->canManageBlacklist())
+ {
+ throw new RequestException('Unauthorized: Insufficient permissions to manage entities', 401);
+ }
+
 if(!preg_match('#^/entities/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
 {
 throw new RequestException('Bad Request: Entity UUID is required', 400);