diff --git a/src/domain/entities/team.ts b/src/domain/entities/team.ts
index 6cf50b31..c8e95b04 100644
--- a/src/domain/entities/team.ts
+++ b/src/domain/entities/team.ts
@@ -1,6 +1,7 @@
 import type { NoteInternalId } from './note.js';
 import type User from './user.js';
+
 export enum MemberRole {
 /**
 * Team member can read and write notes
diff --git a/src/presentation/http/fastify.d.ts b/src/presentation/http/fastify.d.ts
index ec723764..d9ad86d8 100644
--- a/src/presentation/http/fastify.d.ts
+++ b/src/presentation/http/fastify.d.ts
@@ -6,6 +6,7 @@ import type Policies from './policies/index.js';
 import type AuthPayload from '@domain/entities/authPayload.js';
 import type { Note } from '@domain/entities/note.js';
 import type NoteSettings from '@domain/entities/noteSettings.js';
+import type { Team, TeamMember } from '@domain/entities/team';
 declare module 'fastify' {
 export interface FastifyInstance<
@@ -62,6 +63,11 @@ declare module 'fastify' {
 * This property added by noteSettingsResolver middleware
 */
 noteSettings: NoteSettings | null;
+
+/**
+ * This property added by teamMemberIdResolver middleware
+ */
+teamMemberId: TeamMember['id'] | null;
 }
 /**
diff --git a/src/presentation/http/policies/userInTeam.ts b/src/presentation/http/policies/userInTeam.ts
index 46c2ca08..a4aafee6 100644
--- a/src/presentation/http/policies/userInTeam.ts
+++ b/src/presentation/http/policies/userInTeam.ts
@@ -13,14 +13,14 @@ export default async function userInTeam(request: FastifyRequest, reply: Fastify
 if (isEmpty(userId)) {
 return await reply.unauthorized();
-};
+}
 /**
 * If note is not resolved, we can't check permissions
 */
 if (isEmpty(request.note)) {
 return await reply.notAcceptable('Note not found');
-};
+}
 const { creatorId } = request.note;
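Review bot: The added import in the fastify.d.ts import hunk brings in `Team` although only `TeamMember` is used in the hunks of this file shown here, and it is the only `@domain/entities/...` import in that block written without the `.js` suffix the three sibling imports carry. Unless `Team` is referenced elsewhere in the file (not visible on this page), `import type { TeamMember } from '@domain/entities/team.js';` keeps the declaration file consistent with its neighbours and avoids an unused-import lint finding. If the build resolves extensionless specifiers under this path alias the missing suffix is harmless, but mixing the two forms in one import block is still worth avoiding.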
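Review bot: The doc comment on the new `teamMemberId` request property says only which middleware sets it, not what `null` means, yet the userInTeam policy in this same change treats `null` as a reason to deny. Since the policy's behaviour hinges on that value, the comment should state the contract, along the lines of `/** Id of the current user's membership in the resolved note's team; null when no membership was resolved. Added by teamMemberIdResolver middleware */`, adjusted to whatever the resolver actually stores, which I cannot confirm from this page.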
@@ -30,4 +30,13 @@ export default async function userInTeam(request: FastifyRequest, reply: Fastify
 if (creatorId !== userId) {
 return await reply.forbidden();
 }
+
+const { teamMemberId } = request;
+
+/**
+ * Checking if user is part of the team
+ */
+if (userId !== teamMemberId) {
+return await reply.forbidden();
+}
 }
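Review bot: The new guard compares `userId` with `teamMemberId`, which the companion fastify.d.ts change types as `TeamMember['id']`; if that is the id of the membership record rather than the member's user id (the entity is not shown on this page), the two values are unrelated and the check will deny almost every request, so the resolver should expose the member's user id, or the policy should compare against the membership's user field, instead. Independently of that, the new check sits after `if (creatorId !== userId) { return await reply.forbidden(); }`, so only the note's creator ever reaches it and a team member who is not the creator can never pass a policy named userInTeam; presumably the intent is creator or team member, which would be `if (creatorId !== userId && teamMemberId === null) { return await reply.forbidden(); }` in place of the two separate guards. Treating `null` as forbidden fails closed, which is the right default when the resolver has not produced a membership. The body of userInTeam begins outside this hunk.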