diff --git a/api/rpk-api/firm/core/depends.py b/api/rpk-api/firm/core/depends.py
index 59f62fe..e57a144 100644
--- a/api/rpk-api/firm/core/depends.py
+++ b/api/rpk-api/firm/core/depends.py
@@ -18,41 +18,53 @@ class Registry:
 
         self.current_firm = CurrentFirm.get_current(self.db)
 
-    async def set_user(self, user):
+    def check_user(self, user):
         for firm in user.firms:
             if firm.instance == self.instance and firm.firm == self.firm:
-                partner = await Partner.get_by_user_id(self.db, user.id)
-                partner_entity = await Entity.get(self.db, partner.entity_id)
-                self.user = user
-                self.partner = partner_entity
-                self.db.partner = partner_entity
-                return
+                return True
+        raise PermissionError
+
+    async def set_user(self, user):
+        self.check_user(user)
+
+        partner = await Partner.get_by_user_id(self.db, user.id)
+        partner_entity = await Entity.get(self.db, partner.entity_id)
+        self.user = user
+        self.partner = partner_entity
+        self.db.partner = partner_entity
+        return
 
         raise PermissionError
 
 async def get_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client)) -> Registry:
     registry = Registry(db_client, instance, firm)
     if await registry.current_firm is None:
-        raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first")
+        raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
 
     return registry
 
-async def get_authed_tenant_registry(registry=Depends(get_tenant_registry), user=Depends(get_current_user)) -> Registry:
+async def get_authed_tenant_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
+    registry = Registry(db_client, instance, firm)
     try:
-        await registry.set_user(user)
+        registry.check_user(user)
     except PermissionError:
         raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
 
+    if await registry.current_firm is None:
+        raise HTTPException(status_code=405, detail=f"Firm needs to be initialized first")
+
+    await registry.set_user(user)
     return registry
 
 async def get_uninitialized_registry(instance: str, firm: str, db_client=Depends(get_db_client), user=Depends(get_current_user)) -> Registry:
     registry = Registry(db_client, instance, firm)
-    if await registry.current_firm is not None:
-        raise HTTPException(status_code=409, detail="Firm configuration already exists")
-
     try:
-        await registry.set_user(user)
+        registry.check_user(user)
     except PermissionError:
         raise HTTPException(status_code=404, detail="This firm doesn't exist or you are not allowed to access it.")
 
+    if await registry.current_firm is not None:
+        raise HTTPException(status_code=409, detail="Firm configuration already exists")
+
+    await registry.set_user(user)
     return registry