diff --git a/API/Authentication/GrantNames/SignupGrantNames.cs b/API/Authentication/GrantNames/SignupGrantNames.cs
index 57dbce6..5d1202d 100644
--- a/API/Authentication/GrantNames/SignupGrantNames.cs
+++ b/API/Authentication/GrantNames/SignupGrantNames.cs
@@ -10,5 +10,6 @@ namespace API.Authentication.GrantNames
 public const string CanUpdate = "api.signup.update";
 public const string CanDeleteAny = "api.signup.delete.any";
 public const string CanDelete = "api.signup.delete";
+ public const string CanAddOthers = "api.signup.add.others";
 }
 }
diff --git a/API/Authentication/SignupAuthentication.cs b/API/Authentication/SignupAuthentication.cs
index b89bda3..eccb7bf 100644
--- a/API/Authentication/SignupAuthentication.cs
+++ b/API/Authentication/SignupAuthentication.cs
@@ -10,15 +10,15 @@ namespace API.Authentication
 {
 private readonly IGrantManager _grantManager;
 private readonly ILogger _logger;
-
+
 public SignupAuthentication(IGrantManager grantManager, ILogger logger)
 {
 _grantManager = grantManager;
 _logger = logger;
 }
-
+
 //todo make more restrictive
-
+
 public bool canGetAll(User user)
 {
 return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanGetAll);
@@ -30,7 +30,9 @@ namespace API.Authentication
 }
 public bool canAdd(SignupDTO item, User user)
 {
- return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAdd);
+ if (item.userId == user.id)
+ return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAdd);
+ return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAddOthers);
 }
 public bool canUpdate(Signup model, User user)
 {
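Review bot: The new branch in canAdd decides between CanAdd and CanAddOthers on `item.userId`, a client-supplied DTO field, so the check is only as strong as the guarantee that the create path persists exactly that value; if the service layer fills in a missing or default `userId` from the caller (or overwrites it), a request that omits `userId` is evaluated against CanAddOthers here yet stored as a self-signup, or the reverse — worth confirming against the caller, which is outside this hunk. A denial on the CanAddOthers path is also a notable event (an account attempting to enrol a different user) and `_logger` is injected but unused in the visible code, so I would record it before returning, e.g. `var allowed = _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAddOthers);` / `if (!allowed) _logger.LogWarning("User {UserId} denied adding signup for {TargetUserId}", user.id, item.userId);` / `return allowed;` (using whatever warning-level call this ILogger exposes). A one-line summary such as `/// Self-signups require CanAdd; a signup for a different userId requires CanAddOthers.` would document the split, and the `//todo make more restrictive` left above still applies to the other methods. The class continues outside the hunk.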