diff --git a/server/AyaNova/Controllers/DataListController.cs b/server/AyaNova/Controllers/DataListController.cs
index 709a49c8..9cfb95e4 100644
--- a/server/AyaNova/Controllers/DataListController.cs
+++ b/server/AyaNova/Controllers/DataListController.cs
@@ -93,6 +93,7 @@ namespace AyaNova.Api.Controllers
 return StatusCode(403, new ApiNotAuthorizedResponse());
 //IF user is a customer type check if they are allowed to view this datalist
+ //and build the data list internal 'client' criteria
 if (UType == UserType.Customer || UType == UserType.HeadOffice)
 if (!await HandleCustomerTypeUserDataListRequest(UserId, tableRequest))
 return StatusCode(403, new ApiNotAuthorizedResponse());
@@ -128,7 +129,7 @@ namespace AyaNova.Api.Controllers
 }
 //Build client criteria if user is of correct type
- var UserInfo = await ct.User.AsNoTracking().Select(x => new { x.UserType, x.CustomerId, x.HeadOfficeId }).FirstOrDefaultAsync();
+ var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == currentUserId).Select(x => new { x.UserType, x.CustomerId, x.HeadOfficeId }).SingleOrDefaultAsync();
 switch (UserInfo.UserType)
 {
 case UserType.Customer:
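Review bot: In the second hunk, `SingleOrDefaultAsync()` returns null when no row matches `currentUserId`, and the unchanged `switch (UserInfo.UserType)` on the next line dereferences the result without a check. A token that outlives its user record would then end in an unhandled exception instead of a clean denial. Since this value drives the customer / head-office scoping of the list, the lookup should fail closed; if the enclosing method is the bool-returning `HandleCustomerTypeUserDataListRequest` seen in the first hunk (the method starts and ends outside this hunk, so that is inferred), add `if (UserInfo == null) return false;` before the switch. A regression test with two customer accounts, asserting that each receives only its own records, would keep the `Where` filter from being dropped again.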