diff --git a/api/controllers/admin/wraps.py b/api/controllers/admin/wraps.py
index 65615b4856..da53af1272 100644
--- a/api/controllers/admin/wraps.py
+++ b/api/controllers/admin/wraps.py
@@ -43,8 +43,13 @@ def validate_admin_token_and_extract_info(view: Optional[Callable] = None):
 raise Unauthorized("Invalid token: user not found")
 if account.status != AccountStatus.ACTIVE:
 raise Unauthorized("Invalid token: account is not active")
- if account.current_role != TenantAccountJoinRole.END_ADMIN.value:
- raise Unauthorized("Invalid token: account is not end admin")
+ allowed_roles = [
+ TenantAccountJoinRole.END_ADMIN.value,
+ TenantAccountJoinRole.OWNER.value,
+ TenantAccountJoinRole.ADMIN.value
+ ]
+ if account.current_role not in allowed_roles:
+ raise Unauthorized("Invalid token: account does not have admin privileges")
 app_id = request.headers.get("X-App-Id")
 if not app_id: