diff --git a/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseApiController.php b/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseApiController.php
index 35fb8d64b..e5e8140ad 100644
--- a/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseApiController.php
+++ b/src/Bundle/ChillPersonBundle/Controller/AccompanyingCourseApiController.php
@@ -256,7 +256,7 @@ final class AccompanyingCourseApiController extends ApiController
     public function toggleConfidentialApi(AccompanyingPeriod $accompanyingCourse, Request $request)
     {
         if ($request->getMethod() === 'POST') {
-            $this->denyAccessUnlessGranted(AccompanyingPeriodVoter::CONFIDENTIAL, $accompanyingCourse);
+            $this->denyAccessUnlessGranted(AccompanyingPeriodVoter::TOGGLE_CONFIDENTIAL, $accompanyingCourse);
 
             $accompanyingCourse->setConfidential(!$accompanyingCourse->isConfidential());
             $this->getDoctrine()->getManager()->flush();