diff --git a/awx/api/views.py b/awx/api/views.py
index 3c4dae15a0..f75e82bc6c 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -1240,7 +1240,7 @@ class CredentialList(ListCreateAPIView):
             organization = Organization.objects.get(pk=request.data['organization'])
             obj = organization
 
-        if self.request.user not in obj.admin_role:
+        if not self.request.user.can_access(type(obj), 'change', obj, request.data):
             raise PermissionDenied()
 
         ret = super(CredentialList, self).post(request, *args, **kwargs)