diff --git a/src/lib/routes/admin-api/user.ts b/src/lib/routes/admin-api/user.ts
index a0449d1b8d..02d162484e 100644
--- a/src/lib/routes/admin-api/user.ts
+++ b/src/lib/routes/admin-api/user.ts
@@ -65,9 +65,6 @@ class UserController extends Controller {
         );
         const splash = await this.userSplashService.getAllUserSplashs(user);
 
-        // TODO: remove this line after we remove it from db.
-        delete user.permissions;
-
         return res
             .status(200)
             .json({ user, permissions, feedback, splash })
diff --git a/src/lib/services/access-service.ts b/src/lib/services/access-service.ts
index 1303eb5921..e5011a63e4 100644
--- a/src/lib/services/access-service.ts
+++ b/src/lib/services/access-service.ts
@@ -109,9 +109,9 @@ export class AccessService {
         }
     }
 
-    async getPermissionsForUser(user: User): Promise<IUserPermission[]> {
+    async getPermissionsForUser(user: IUser): Promise<IUserPermission[]> {
         if (user.isAPI) {
-            return user.permissions.map((p) => ({
+            return user.permissions?.map((p) => ({
                 permission: p,
             }));
         }