diff --git a/awx/main/access.py b/awx/main/access.py
index 16e6cfbde1..f47198e4b0 100644
--- a/awx/main/access.py
+++ b/awx/main/access.py
@@ -1078,10 +1078,7 @@ class AdHocCommandAccess(BaseAccess):
 '''
 I can only see/run ad hoc commands when:
 - I am a superuser.
- - I am an org admin and have permission to read the credential.
- - I am a normal user with a user/team permission that has at least read
- permission on the inventory and the run_ad_hoc_commands flag set, and I
- can read the credential.
+ - I have read access to the inventory
 '''
 model = AdHocCommand
@@ -1092,11 +1089,8 @@ class AdHocCommandAccess(BaseAccess):
 if self.user.is_superuser:
 return qs.all()
- credential_ids = set(self.user.get_queryset(Credential).values_list('id', flat=True))
 inventory_qs = Inventory.accessible_objects(self.user, 'read_role')
-
- return qs.filter(credential_id__in=credential_ids,
- inventory__in=inventory_qs)
+ return qs.filter(inventory__in=inventory_qs)
 def can_add(self, data):
 if not data: # So the browseable API will work
@@ -1104,11 +1098,11 @@ class AdHocCommandAccess(BaseAccess):
 self.check_license()
- # If a credential is provided, the user should have read access to it.
+ # If a credential is provided, the user should have use access to it.
 credential_pk = get_pk_from_dict(data, 'credential')
 if credential_pk:
 credential = get_object_or_400(Credential, pk=credential_pk)
- if self.user not in credential.read_role:
+ if self.user not in credential.use_role:
 return False
 # Check that the user has the run ad hoc command permission on the
diff --git a/awx/main/tests/functional/api/test_adhoc.py b/awx/main/tests/functional/api/test_adhoc.py
index 43326afcb4..e7029b0c79 100644
--- a/awx/main/tests/functional/api/test_adhoc.py
+++ b/awx/main/tests/functional/api/test_adhoc.py
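Review bot: The rewritten class docstring in the first hunk of awx/main/access.py still says "see/run", but its one remaining bullet only describes what get_queryset enforces. In the third hunk can_add still requires `use_role` on the credential and, going by its trailing comment, a separate run ad hoc command permission (presumably on the inventory). I would split the two cases, for example `- See: I have read access to the inventory.` and `- Run: I have the run ad hoc command permission on the inventory and use access to the credential.` An access-control docstring that understates the run requirement is easy to take as the rule in a later change.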
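Review bot: In get_queryset (second hunk of awx/main/access.py) the credential filter is dropped, so every ad hoc command on an inventory the user can read is now listed, including commands launched with credentials the user holds no role on. What that exposes depends on the serializer, which is not part of this diff; it is worth confirming that the credential summary and anything sensitive passed in a command's arguments or captured in its output are acceptable for inventory readers to see. If the wider visibility is intended, a comment above the filter such as `# Visibility is scoped by inventory read access only; the credential used is deliberately not checked.` would keep the decision from being undone by accident. The function body starts above the hunk.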
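Review bot: The `use_role` check in can_add (third hunk of awx/main/access.py) runs only inside `if credential_pk:`, so a request whose data carries no credential skips it and depends on validation outside this hunk. If a credential is mandatory for ad hoc commands, failing closed here is safer, e.g. `if not credential_pk: return False`; if it is optional, the comment should say so. The hunk also does not show whether other entry points, such as re-running an existing command, go through can_add, so it is worth checking that a command created under the old `read_role` rule cannot be started again by a user without `use_role`. can_add begins above the hunk and continues below it.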
@@ -122,7 +122,7 @@ def test_get_inventory_ad_hoc_command_list(admin, alice, post_adhoc, get, invent
 inv1.adhoc_role.members.add(alice)
 res = get(reverse('api:inventory_ad_hoc_commands_list', args=(inv1.id,)), alice, expect=200)
- assert res.data['count'] == 0
+ assert res.data['count'] == 1
 machine_credential.use_role.members.add(alice)
 res = get(reverse('api:inventory_ad_hoc_commands_list', args=(inv1.id,)), alice, expect=200)
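Review bot: The flipped assertion covers only the newly allowed case, and nothing in this hunk pins the boundary of the wider visibility. I would add a negative case next to it: a user with no role on `inv1` requests the same list and gets either a denial or a count of 0, so a later change to get_queryset cannot widen access further without a test failing. A matching POST case where alice holds only `read_role` on `machine_credential` and is refused would cover the `use_role` tightening in awx/main/access.py. The test function starts above the hunk and appears to continue below it.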