diff --git a/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs b/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
index 055c3879..9c1f399f 100644
--- a/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/EnvelopeController.cs
@@ -193,7 +193,13 @@ public class EnvelopeController : ViewControllerBase
 
     private async Task<IActionResult> CreateEnvelopeLockedView(EnvelopeReceiverDto er, CancellationToken cancel)
     {
-        if (User.IsInRole(ReceiverRole.FullyAuth))
+        var uuidClaim = User.GetAuthEnvelopeUuid();
+        var signatureClaim = User.GetAuthReceiverSignature();
+        if (uuidClaim is not null
+            && uuidClaim == er.Envelope?.Uuid
+            && signatureClaim is not null
+            && signatureClaim == er.Receiver?.Signature
+            && User.IsInRole(ReceiverRole.FullyAuth))
         {
             if (er.Envelope!.Documents?.FirstOrDefault() is DocumentDto doc && doc.ByteData is not null)
             {