diff --git a/src/bundle/Controller/ContentController.php b/src/bundle/Controller/ContentController.php
index 48f0066e9d..52658be0cb 100644
--- a/src/bundle/Controller/ContentController.php
+++ b/src/bundle/Controller/ContentController.php
@@ -216,6 +216,18 @@ public function hasOnTheFlyCreateAccessAction(Request $request, string $language
                 );
             }
 
+            if (!$permissionResolver->canUser('content', 'publish', $contentCreateStruct, [$locationCreateStruct])) {
+                throw new UnauthorizedException(
+                    'content',
+                    'publish',
+                    [
+                        'contentTypeIdentifier' => $contentType->identifier,
+                        'parentLocationId' => $locationCreateStruct->parentLocationId,
+                        'languageCode' => $languageCode,
+                    ]
+                );
+            }
+
             $response->setData([
                 'access' => true,
             ]);