diff --git a/runtime/actions/get.go b/runtime/actions/get.go
index bd5a0badb..332e1b8ea 100644
--- a/runtime/actions/get.go
+++ b/runtime/actions/get.go
@@ -30,20 +30,18 @@ func Get(scope *Scope, input map[string]any) (map[string]any, error) {
 		return nil, err
 	}
 
-	if !canResolveEarly {
-		rowsToAuthorise := []map[string]any{}
-		if res != nil {
-			rowsToAuthorise = append(rowsToAuthorise, res)
-		}
+	rowsToAuthorise := []map[string]any{}
+	if res != nil {
+		rowsToAuthorise = append(rowsToAuthorise, res)
+	}
 
-		isAuthorised, err := AuthoriseAction(scope, input, rowsToAuthorise)
-		if err != nil {
-			return nil, err
-		}
+	isAuthorised, err := AuthoriseAction(scope, input, rowsToAuthorise)
+	if err != nil {
+		return nil, err
+	}
 
-		if !isAuthorised {
-			return nil, common.NewPermissionError()
-		}
+	if !isAuthorised {
+		return nil, common.NewPermissionError()
 	}
 
 	return res, err
diff --git a/runtime/actions/list.go b/runtime/actions/list.go
index c3df6c068..f0a9cd27f 100644
--- a/runtime/actions/list.go
+++ b/runtime/actions/list.go
@@ -134,15 +134,13 @@ func List(scope *Scope, input map[string]any) (map[string]any, error) {
 		return nil, err
 	}
 
-	if !canResolveEarly {
-		isAuthorised, err := AuthoriseAction(scope, input, results)
-		if err != nil {
-			return nil, err
-		}
+	isAuthorised, err := AuthoriseAction(scope, input, results)
+	if err != nil {
+		return nil, err
+	}
 
-		if !isAuthorised {
-			return nil, common.NewPermissionError()
-		}
+	if !isAuthorised {
+		return nil, common.NewPermissionError()
 	}
 
 	return map[string]any{