diff --git a/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Controllers/DocumentController.cs b/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Controllers/DocumentController.cs
index 01d476b3..f54780be 100644
--- a/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Controllers/DocumentController.cs
+++ b/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Controllers/DocumentController.cs
@@ -30,35 +30,16 @@ public class DocumentController(IMediator mediator, IAuthorizationService authSe
 /// Encoded envelope key.
 /// Cancellation token.
 [HttpGet]
- [Authorize(Policy = AuthPolicy.SenderOrReceiver)]
+ [Authorize(Policy = AuthPolicy.Sender)]
 public async Task GetDocument(CancellationToken cancel, [FromQuery] ReadDocumentQuery? query = null)
 {
- // Sender: expects query with envelope key
- if (await this.IsUserInPolicyAsync(AuthPolicy.Sender))
- {
- if (query is null)
- return BadRequest("Missing document query.");
+ if (query is null)
+ return BadRequest("Missing document query.");
 
- var senderDoc = await mediator.Send(query, cancel);
- return senderDoc.ByteData is byte[] senderDocByte
- ? File(senderDocByte, "application/octet-stream")
- : NotFound("Document is empty.");
- }
-
- // Receiver: resolve envelope id from claims
- if (await this.IsUserInPolicyAsync(AuthPolicy.Receiver))
- {
- if (query is not null)
- return BadRequest("Query parameters are not allowed for receiver role.");
-
- var envelopeId = User.EnvelopeId();
- var receiverDoc = await mediator.Send(new ReadDocumentQuery { EnvelopeId = envelopeId }, cancel);
- return receiverDoc.ByteData is byte[] receiverDocByte
- ? File(receiverDocByte, "application/octet-stream")
- : NotFound("Document is empty.");
- }
-
- return Unauthorized();
+ var senderDoc = await mediator.Send(query, cancel);
+ return senderDoc.ByteData is byte[] senderDocByte
+ ? File(senderDocByte, "application/octet-stream")
+ : NotFound("Document is empty.");
 }
 
 ///
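Review bot: Nothing visible in `GetDocument` ties the envelope key in `query` to the calling sender: once `[Authorize(Policy = AuthPolicy.Sender)]` passes, `mediator.Send(query, cancel)` runs on whatever key the client supplies and the bytes are returned. The removed receiver branch took the envelope id from the caller's claims, so that path was bound to the token, while the remaining path is bound only to the role. Unless the `ReadDocumentQuery` handler (not shown here) already filters by the authenticated sender, add an ownership check before `File(...)`, for example a resource-based `AuthorizeAsync(User, senderDoc, "<ownership-policy>")` on the injected `IAuthorizationService`. Answer `NotFound()` when it fails, so that another sender's key looks the same as a missing one. The XML doc above the action should also state that receivers are no longer served here.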
diff --git a/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Program.cs b/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Program.cs
index ad1e8881..36c952a2 100644
--- a/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Program.cs
+++ b/EnvelopeGenerator.Server/EnvelopeGenerator.Server/Program.cs
@@ -255,7 +255,6 @@ try
 // Authorization Policies
 builder.Services.AddAuthorizationBuilder()
- .AddPolicy(AuthPolicy.SenderOrReceiver, policy => policy.RequireRole(Role.Sender, Role.Receiver.Full))
 .AddPolicy(AuthPolicy.Sender, policy => policy
 .RequireRole(Role.Sender)
 .AddAuthenticationSchemes(AuthScheme.Sender))