diff --git a/app/controllers/api/v1/merchants_controller.rb b/app/controllers/api/v1/merchants_controller.rb
index 53df0ac35..20141588d 100644
--- a/app/controllers/api/v1/merchants_controller.rb
+++ b/app/controllers/api/v1/merchants_controller.rb
@@ -12,7 +12,7 @@ module Api
     #   GET /api/v1/merchants/:id
     #
     class MerchantsController < BaseController
-      before_action :ensure_read_scope
+      before_action -> { authorize_scope!(:read) }
 
       # List all merchants available to the family
       #
diff --git a/app/controllers/api/v1/tags_controller.rb b/app/controllers/api/v1/tags_controller.rb
index 287642930..42dfcf7df 100644
--- a/app/controllers/api/v1/tags_controller.rb
+++ b/app/controllers/api/v1/tags_controller.rb
@@ -13,8 +13,8 @@ module Api
     #   { "tag": { "name": "WhiteHouse", "color": "#3b82f6" } }
     #
     class TagsController < BaseController
-      before_action :ensure_read_scope, only: %i[index show]
-      before_action :ensure_write_scope, only: %i[create update destroy]
+      before_action -> { authorize_scope!(:read) }, only: %i[index show]
+      before_action -> { authorize_scope!(:read_write) }, only: %i[create update destroy]
       before_action :set_tag, only: %i[show update destroy]
 
       # List all tags belonging to the family