diff --git a/apps/assets/api/accounts.py b/apps/assets/api/accounts.py
index a60ff3e4f..b4e75122b 100644
--- a/apps/assets/api/accounts.py
+++ b/apps/assets/api/accounts.py
@@ -64,7 +64,8 @@ class AccountViewSet(OrgBulkModelViewSet):
         'verify_account': serializers.AssetTaskSerializer
     }
     rbac_perms = {
-        'verify_account': 'assets.test_authbook'
+        'verify_account': 'assets.test_authbook',
+        'PATCH': 'assets.change_assetaccountsecret'
     }
 
     def get_queryset(self):
diff --git a/apps/rbac/const.py b/apps/rbac/const.py
index c8a75fb42..65f7d0867 100644
--- a/apps/rbac/const.py
+++ b/apps/rbac/const.py
@@ -38,7 +38,7 @@ exclude_permissions = (
     ('assets', 'assetuser', '*', '*'),
     ('assets', 'gathereduser', 'add,delete,change', 'gathereduser'),
     ('assets', 'accountbackupplanexecution', 'delete,change', 'accountbackupplanexecution'),
-    ('assets', 'authbook', 'add', 'authbook'),
+    ('assets', 'authbook', 'add,change', 'authbook'),
     ('perms', 'userassetgrantedtreenoderelation', '*', '*'),
     ('perms', 'usergrantedmappingnode', '*', '*'),
     ('perms', 'permnode', '*', '*'),