diff --git a/engines/registry/app/models/registry/access_scope.rb b/engines/registry/app/models/registry/access_scope.rb
index ecfb86839..391270271 100644
--- a/engines/registry/app/models/registry/access_scope.rb
+++ b/engines/registry/app/models/registry/access_scope.rb
@@ -40,7 +40,11 @@ def to_s
   end
 
   def granted(client: nil)
-    aa = authorized_actions(client)
+    # aa = authorized_actions(client)
+    # TODO: decide on a policy to grant a system access to products/images
+    # in the meantime, allow access to any action
+    # if basisc auth is OK (username/password)
+    aa = @actions
     Rails.logger.info "Granted actions for user '#{client&.account || '<anonymous>'}': #{aa}"
     {
       'type' => @type,