diff --git a/server/src/modules/data-queries/controller.ts b/server/src/modules/data-queries/controller.ts
index 6ee4183d8f..69b539d82d 100644
--- a/server/src/modules/data-queries/controller.ts
+++ b/server/src/modules/data-queries/controller.ts
@@ -20,6 +20,7 @@ import { AppAbility } from '@modules/casl/casl-ability.factory';
 import { AppDecorator } from '@modules/app/decorators/app.decorator';
 import { DataQuery } from '@entities/data_query.entity';
 import { IDataQueriesController } from './interfaces/IController';
+import { QueryAuthGuard } from './guards/query-auth.guard';
 @Controller('data-queries')
 @InitModule(MODULES.DATA_QUERY)
 export class DataQueriesController implements IDataQueriesController {
@@ -125,13 +126,7 @@ export class DataQueriesController implements IDataQueriesController {
 }
 @InitFeature(FEATURE_KEY.RUN_VIEWER)
- @UseGuards(
- JwtAuthGuard,
- ValidateQueryAppGuard,
- AppFeatureAbilityGuard,
- ValidateQuerySourceGuard,
- DataSourceFeatureAbilityGuard
- )
+ @UseGuards(QueryAuthGuard)
 @Post(':id/run')
 async runQuery(
 @User() user: UserEntity,
diff --git a/server/src/modules/data-queries/guards/validate-query-app.guard.ts b/server/src/modules/data-queries/guards/validate-query-app.guard.ts
index a5e3029460..5c227e8142 100644
--- a/server/src/modules/data-queries/guards/validate-query-app.guard.ts
+++ b/server/src/modules/data-queries/guards/validate-query-app.guard.ts
@@ -20,7 +20,7 @@ export class ValidateQueryAppGuard implements CanActivate {
 const appId = request.body?.app_id;
 const user: User = request.user;
- if (!versionId) {
+ if (!id && !versionId && !appId) {
 throw new BadRequestException();
 }
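Review bot: `POST :id/run` now relies on `QueryAuthGuard` alone, and that guard's implementation is not in the part of the diff shown here, so the decorator no longer tells a reader which checks protect query execution. Judging by their names, the five guards it replaces covered JWT authentication, query-to-app validation, app feature ability, query-source validation and data-source ability; please add a comment above the decorator listing which of those `QueryAuthGuard` still runs and in what order, e.g. `// QueryAuthGuard: authentication, then query/app validation, then app and data-source ability checks`. If any of them is deliberately skipped for some callers, that path should have a test asserting that a query belonging to a non-public app is rejected without a valid session. `runQuery`'s body continues outside the hunk.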
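Review bot: The relaxed check `if (!id && !versionId && !appId)` accepts a request carrying any one of the three identifiers, but nothing visible verifies that they refer to the same app when more than one is supplied. The lookups further down in this guard (next hunk) assign `app` up to three times in sequence, so the app that ends up being validated is the one from whichever identifier is handled last, not necessarily the one that owns query `id`. I'd resolve the app from `id` first and reject a mismatch, e.g. `if (appId && app?.id !== appId) throw new BadRequestException();`, and do the same for the app derived from `versionId`. The method starts before and continues past this hunk, so how `id` and `versionId` are read from the request is not visible here.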
@@ -30,13 +30,13 @@ export class ValidateQueryAppGuard implements CanActivate {
 }
 let app;
 if (id) {
- app = await this.appsRepository.findByDataQuery(id, user.organizationId, versionId);
+ app = await this.appsRepository.findByDataQuery(id, user?.organizationId, versionId);
 }
 if (appId) {
- app = await this.appsRepository.findById(appId, user.organizationId, versionId);
+ app = await this.appsRepository.findById(appId, user?.organizationId, versionId);
 }
 if (versionId) {
- app = await this.versionRepository.findAppFromVersion(versionId, user.organizationId);
+ app = await this.versionRepository.findAppFromVersion(versionId, user?.organizationId);
 }
 // If app is not found, throw NotFoundException
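Review bot: With `user?.organizationId`, a request that has no `request.user` now passes `undefined` as the organization to `findByDataQuery`, `findById` and `findAppFromVersion` instead of failing, and that argument looks like the tenant filter for those lookups. How the repositories treat `undefined` is not visible here; if they build an ORM `where` object from it, the condition may simply be omitted and the app would then be found regardless of organization. Make the anonymous case explicit rather than implicit: branch on `!user`, resolve the app through a lookup meant for unauthenticated access, and reject unless the app is marked public, while keeping `user.organizationId` mandatory on the authenticated path. The method continues outside this hunk, so a later check may already do this; if so, a comment at these three calls pointing to it would help.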