diff --git a/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee b/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
index 19bff5b2e0..f9be14b9ba 100644
--- a/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
+++ b/services/web/app/coffee/Features/UserMembership/UserMembershipAuthorization.coffee
@@ -50,7 +50,10 @@ module.exports = UserMembershipAuthorization =
 req.template =
 id: body.id
 title: body.title
- requireAccessToEntity('publisher', body.brand.slug, req, res, next)
+ if body?.brand?.slug
+ requireAccessToEntity('publisher', body.brand.slug, req, res, next)
+ else
+ AuthorizationMiddlewear.ensureUserIsSiteAdmin(req, res, next)
 
 requireGraphAccess: (req, res, next) ->
 if req.query.resource_type == 'template'
diff --git a/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee b/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
index d21de25c1f..a708b6106d 100644
--- a/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
+++ b/services/web/test/unit/coffee/UserMembership/UserMembershipAuthorizationTests.coffee
@@ -21,6 +21,7 @@ describe "UserMembershipAuthorization", ->
 getEntityWithoutAuthorizationCheck: sinon.stub().yields(null, @subscription)
 @AuthorizationMiddlewear =
 redirectToRestricted: sinon.stub().yields()
+ ensureUserIsSiteAdmin: sinon.stub().yields()
 @UserMembershipAuthorization = SandboxedModule.require modulePath, requires:
 '../Authentication/AuthenticationController': @AuthenticationController
 '../Authorization/AuthorizationMiddlewear': @AuthorizationMiddlewear
@@ -132,7 +133,7 @@ describe "UserMembershipAuthorization", ->
 )
 done()
 
- it 'handle template access', (done) ->
+ it 'handle template with brand access', (done) ->
 templateData =
 id: 123
 title: 'Template Title'
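Review bot: The new `if body?.brand?.slug` guard only tests truthiness before the slug is passed to `requireAccessToEntity('publisher', body.brand.slug, ...)`, so a non-string slug (an object or array in the template-service response) still reaches the entity lookup; if that lookup is a database query, a type check is what keeps it from becoming a query-operator injection. I would tighten the guard to `if typeof body?.brand?.slug is 'string' and body.brand.slug`, which keeps the fail-closed site-admin fallback for every malformed case. The fallback also deserves a one-line why-comment above the `else`, e.g. `# A template with no publisher brand has no entity to check membership against, so only site admins may manage it.`. The enclosing `requireTemplateAccess`, where `body` is presumably parsed from the templates-service response, starts before the hunk, so the status and parse handling that feeds this check cannot be reviewed here.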
@@ -147,6 +148,18 @@ describe "UserMembershipAuthorization", ->
 )
 done()
 
+ it 'handle template without brand access', (done) ->
+ templateData =
+ id: 123
+ title: 'Template Title'
+ brand: null
+ @request.yields(null, { statusCode: 200 }, JSON.stringify(templateData))
+ @UserMembershipAuthorization.requireTemplateAccess @req, null, (error) =>
+ expect(error).to.not.extist
+ sinon.assert.notCalled(@UserMembershipHandler.getEntity)
+ sinon.assert.calledOnce(@AuthorizationMiddlewear.ensureUserIsSiteAdmin)
+ done()
+
 it 'handle graph access', (done) ->
 @req.query.resource_id = 'mock-resource-id'
 @req.query.resource_type = 'institution'
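Review bot: `expect(error).to.not.extist` in the new 'handle template without brand access' test misspells `exist`, so the error assertion is never made: with chai versions that lack proxy protection the line is a silent no-op property read and the test passes whatever `error` holds, while chai 4+ throws "Invalid Chai property" inside the callback instead of reporting the real failure. Change it to `expect(error).to.not.exist`. The test also covers only `brand: null`; a second case with `brand: {}` (brand present, slug missing) would pin the other half of the `body?.brand?.slug` guard. The sibling 'with brand' test, whose body lies outside this hunk, should presumably also assert `sinon.assert.notCalled(@AuthorizationMiddlewear.ensureUserIsSiteAdmin)` so the two branches are shown to be mutually exclusive.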