diff --git a/authentik/api/decorators.py b/authentik/api/decorators.py
index 539553dad..00a53ed0f 100644
--- a/authentik/api/decorators.py
+++ b/authentik/api/decorators.py
@@ -7,7 +7,9 @@ from rest_framework.response import Response
 from rest_framework.viewsets import ModelViewSet
 
 
-def permission_required(perm: Optional[str] = None, *other_perms: str):
+def permission_required(
+    perm: Optional[str] = None, other_perms: Optional[list[str]] = None
+):
     """Check permissions for a single custom action"""
 
     def wrapper_outter(func: Callable):
@@ -19,9 +21,10 @@ def permission_required(perm: Optional[str] = None, *other_perms: str):
                 obj = self.get_object()
                 if not request.user.has_perm(perm, obj):
                     return self.permission_denied(request)
-            for other_perm in other_perms:
-                if not request.user.has_perm(other_perm):
-                    return self.permission_denied(request)
+            if other_perms:
+                for other_perm in other_perms:
+                    if not request.user.has_perm(other_perm):
+                        return self.permission_denied(request)
             return func(self, request, *args, **kwargs)
 
         return wrapper
diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py
index 2c9e0adcd..f36d852a0 100644
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@@ -131,7 +131,7 @@ class UserViewSet(ModelViewSet):
         serializer.is_valid()
         return Response(serializer.data)
 
-    @permission_required("authentik_core.view_user", "authentik_events.view_event")
+    @permission_required("authentik_core.view_user", ["authentik_events.view_event"])
     @swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)})
     @action(detail=False)
     def metrics(self, request: Request) -> Response:
diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py
index eaba2075b..237548a6a 100644
--- a/authentik/crypto/api.py
+++ b/authentik/crypto/api.py
@@ -113,7 +113,7 @@ class CertificateKeyPairViewSet(ModelViewSet):
     queryset = CertificateKeyPair.objects.all()
     serializer_class = CertificateKeyPairSerializer
 
-    @permission_required(None, "authentik_crypto.add_certificatekeypair")
+    @permission_required(None, ["authentik_crypto.add_certificatekeypair"])
     @swagger_auto_schema(
         request_body=CertificateGenerationSerializer(),
         responses={200: CertificateKeyPairSerializer},