diff --git a/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute-resource/ContributeLocationTab.vue b/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute-resource/ContributeLocationTab.vue
index 8af5f25c9..5cb06877d 100644
--- a/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute-resource/ContributeLocationTab.vue
+++ b/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute-resource/ContributeLocationTab.vue
@@ -85,14 +85,15 @@
                 return new CatalogueModel({ nodeId: 0 });
             },
             resourceDescription(): string {
-                return this.resourceDetails.description;
+                return this.resourceDetails.description; 
             },
             isDividerVisible(): boolean {
                 return this.resourceDetails.resourceCatalogueId >= 0 && this.selectionInProgress;
             },
             allowCatalogueChange(): boolean {
-                return (!Boolean(this.$route.query.initialCreate));   // allow if user is contributing into the catalogue root // or if the user is editing an existing draft (initialCreate=false)
-                //this.resourceDetails.resourceCatalogueId === this.resourceDetails.nodeId) ||
+                return (this.resourceDetails.resourceCatalogueId === this.resourceDetails.nodeId) || // allow if user is contributing into the catalogue root
+                    !Boolean(this.$route.query.initialCreate);
+                // allow if user is contributing into the catalogue root // or if the user is editing an existing draft (initialCreate=false)
             },
             onChangeClick() {
                 this.$emit('change-click');
diff --git a/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute/ContentCommon.vue b/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute/ContentCommon.vue
index f62b7d784..1d1534528 100644
--- a/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute/ContentCommon.vue
+++ b/LearningHub.Nhs.WebUI/Scripts/vuesrc/contribute/ContentCommon.vue
@@ -243,7 +243,7 @@
             </div>
         </div>
 
-        <catalogue-select v-if="resourceCatalogueCount>1 && showCatalogueSelect" v-model.number="resourceCatalogueId" @input="catalogueSelected"></catalogue-select>
+        <catalogue-select v-if="resourceCatalogueCount>0 && showCatalogueSelect" v-model.number="resourceCatalogueId" @input="catalogueSelected"></catalogue-select>
     </div>
 </template>
 
@@ -314,11 +314,11 @@
                 return this.$store.state.userProviders;
             },
             resourceCatalogueCount(): number {
-                if (!this.$store.state.userCatalogues) {
+                if (!this.$store.state.userCatalogues) {              
                     return 0;
                 } else {
                     return this.$store.state.userCatalogues.length;
-                }
+                }     
             },
             userIsAuthor(): boolean {
                 return this.authors.filter(a => a.isContributor).length > 0;
@@ -333,9 +333,8 @@
                 return this.$store.state.resourceDetail.resourceType;
             },
             showCatalogueSelect(): boolean {
-                //return (this.resourceDetail.resourceCatalogueId === this.resourceDetail.nodeId) || // show if user is contributing into the catalogue root
-                //    !Boolean(this.$route.query.initialCreate);                                 // or if the user is editing an existing draft (initialCreate=false)
-                return (!Boolean(this.$route.query.initialCreate));
+                return (this.resourceDetail.resourceCatalogueId === this.resourceDetail.nodeId) || // show if user is contributing into the catalogue root
+                    !Boolean(this.$route.query.initialCreate);                                 // or if the user is editing an existing draft (initialCreate=false)
             },
             newKeywordTrimmed(): string {
                 return this.newKeyword?.trim().replace(/ +(?= )/g, '');
diff --git a/LearningHub.Nhs.WebUI/Styles/nhsuk/layout.scss b/LearningHub.Nhs.WebUI/Styles/nhsuk/layout.scss
index 25b84b7d4..0e2ac3ad5 100644
--- a/LearningHub.Nhs.WebUI/Styles/nhsuk/layout.scss
+++ b/LearningHub.Nhs.WebUI/Styles/nhsuk/layout.scss
@@ -53,7 +53,7 @@ button[data-toggle="modal"] {
 }
 
 .autosuggestion-menu {
-    padding: 16px 16px 0px 16px;
+    padding: 16px 16px 0px 16px !important;
     background-color: $color_nhsuk-white;
     border-bottom: 1px solid $color_nhsuk-grey-4;
     border-radius: 0px 0px 4px 4px;
diff --git a/LearningHub.Nhs.WebUI/Views/Catalogue/Index.cshtml b/LearningHub.Nhs.WebUI/Views/Catalogue/Index.cshtml
index c3dbb7e45..03ef6c173 100644
--- a/LearningHub.Nhs.WebUI/Views/Catalogue/Index.cshtml
+++ b/LearningHub.Nhs.WebUI/Views/Catalogue/Index.cshtml
@@ -9,16 +9,15 @@
     ViewData["Title"] = "Catalogue";
 
 
-  bool CanManage()
-  {
-    return IsInRole(RoleEnum.LocalAdmin);
-  }
+    bool CanManage()
+    {
+        return IsInRole(RoleEnum.LocalAdmin);
+    }
 
-  bool Unlocked()
-  {
-    return IsInRole(RoleEnum.LocalAdmin) || IsInRole(RoleEnum.Editor) || IsInRole(RoleEnum.Reader) ;
-    //// || this.User.IsInRole("Administrator")
-  }
+    bool Unlocked()
+    {
+        return IsInRole(RoleEnum.LocalAdmin) || IsInRole(RoleEnum.Editor) || IsInRole(RoleEnum.Reader) || this.User.IsInRole("Administrator");
+    }
 
   bool IsInRole(RoleEnum role)
   {
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/BookmarkController.cs b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/BookmarkController.cs
index 867f295f6..4adaebe2b 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/BookmarkController.cs
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/BookmarkController.cs
@@ -4,6 +4,7 @@
     using System.Threading.Tasks;
     using LearningHub.Nhs.Models.Bookmark;
     using LearningHub.Nhs.OpenApi.Services.Interface.Services;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
 
     /// <summary>
@@ -11,6 +12,7 @@
     /// </summary>
     [Route("Bookmark")]
     [ApiController]
+    [Authorize]
     public class BookmarkController : OpenApiControllerBase
     {
         private readonly IBookmarkService bookmarkService;
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/CatalogueController.cs b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/CatalogueController.cs
index 356865974..15926b75e 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/CatalogueController.cs
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/CatalogueController.cs
@@ -14,6 +14,7 @@
     /// </summary>
     [Route("Catalogue")]
     [Authorize]
+    [ApiController]
     public class CatalogueController : OpenApiControllerBase
     {
         private readonly ICatalogueService catalogueService;
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/ResourceController.cs b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/ResourceController.cs
index 98ae2417c..343906d96 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/ResourceController.cs
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/ResourceController.cs
@@ -29,6 +29,7 @@ namespace LearningHub.NHS.OpenAPI.Controllers
     /// </summary>
     [Route("Resource")]
     [Authorize]
+    [ApiController]
     public class ResourceController : OpenApiControllerBase
     {
         private const int MaxNumberOfReferenceIds = 1000;
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/SearchController.cs b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/SearchController.cs
index b8a0b5aa2..2b463125b 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/SearchController.cs
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/Controllers/SearchController.cs
@@ -11,6 +11,7 @@
     using LearningHub.Nhs.OpenApi.Models.Configuration;
     using LearningHub.Nhs.OpenApi.Repositories.Interface.Repositories;
     using LearningHub.Nhs.OpenApi.Services.Interface.Services;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Mvc;
     using Microsoft.Extensions.Logging;
     using Microsoft.Extensions.Options;
@@ -18,6 +19,7 @@
     /// <summary>
     /// Search operations.
     /// </summary>
+    [Authorize]
     [Route("Search")]
     [ApiController]
     public class SearchController : OpenApiControllerBase
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/Startup.cs b/OpenAPI/LearningHub.Nhs.OpenApi/Startup.cs
index e5f9c180e..dfe34b2b8 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/Startup.cs
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/Startup.cs
@@ -8,10 +8,12 @@ namespace LearningHub.NHS.OpenAPI
     using System.Collections.Generic;
     using System.IO;
     using AspNetCore.Authentication.ApiKey;
+    using LearningHub.Nhs.Api.Authentication;
     using LearningHub.Nhs.Caching;
     using LearningHub.Nhs.Models.Enums;
     using LearningHub.Nhs.Models.Extensions;
     using LearningHub.NHS.OpenAPI.Auth;
+    using LearningHub.NHS.OpenAPI.Authentication;
     using LearningHub.NHS.OpenAPI.Configuration;
     using LearningHub.NHS.OpenAPI.Middleware;
     using LearningHub.Nhs.OpenApi.Repositories;
@@ -19,9 +21,9 @@ namespace LearningHub.NHS.OpenAPI
     using LearningHub.Nhs.OpenApi.Services;
     using Microsoft.AspNetCore.Authentication;
     using Microsoft.AspNetCore.Authentication.JwtBearer;
+    using Microsoft.AspNetCore.Authorization;
     using Microsoft.AspNetCore.Builder;
     using Microsoft.AspNetCore.Hosting;
-    using Microsoft.AspNetCore.Mvc.Authorization;
     using Microsoft.EntityFrameworkCore;
     using Microsoft.Extensions.Configuration;
     using Microsoft.Extensions.DependencyInjection;
@@ -29,9 +31,6 @@ namespace LearningHub.NHS.OpenAPI
     using Microsoft.Extensions.Hosting;
     using Microsoft.IdentityModel.Tokens;
     using Microsoft.OpenApi.Models;
-    using Microsoft.AspNetCore.Authorization;
-    using LearningHub.NHS.OpenAPI.Authentication;
-    using LearningHub.Nhs.Api.Authentication;
 
     /// <summary>
     /// The Startup class.
@@ -62,8 +61,12 @@ public void ConfigureServices(IServiceCollection services)
 
             services.AddApiKeyAuth();
 
-            services.AddAuthentication()
-            .AddJwtBearer(options =>
+            services.AddAuthentication(options =>
+            {
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
+            })
+           .AddJwtBearer(options =>
             {
                 options.Authority = this.Configuration.GetValue<string>("LearningHUbAuthServiceConfig:Authority");
                 options.TokenValidationParameters = new TokenValidationParameters()
@@ -76,7 +79,7 @@ public void ConfigureServices(IServiceCollection services)
             });
 
             services.AddCustomMiddleware();
-            services.AddSingleton<IAuthorizationHandler, ReadWriteHandler>(); 
+            services.AddSingleton<IAuthorizationHandler, ReadWriteHandler>();
             services.AddSingleton<IAuthorizationHandler, AuthorizeOrCallFromLHHandler>();
 
             services.AddRepositories(this.Configuration);
@@ -89,7 +92,6 @@ public void ConfigureServices(IServiceCollection services)
             services.AddControllers(options =>
             {
                 options.Filters.Add(new HttpResponseExceptionFilter());
-                options.Filters.Add(new AuthorizeFilter());
             });
 
             services.AddMvc()
diff --git a/OpenAPI/LearningHub.Nhs.OpenApi/appsettings.json b/OpenAPI/LearningHub.Nhs.OpenApi/appsettings.json
index 401183bf6..7142f4b36 100644
--- a/OpenAPI/LearningHub.Nhs.OpenApi/appsettings.json
+++ b/OpenAPI/LearningHub.Nhs.OpenApi/appsettings.json
@@ -78,6 +78,7 @@
     "UseRedisCache": true,
     "ResourcePublishQueueRouteName": "",
     "HierarchyEditPublishQueueName": "",
+    "ContentManagementQueueName": "",
     "AuthClientIdentityKey": "",
     "LHClientIdentityKey": "",
     "ReportApiClientIdentityKey": "",
diff --git a/WebAPI/LearningHub.Nhs.Database/Stored Procedures/Hierarchy/GetDashboardCatalogues.sql b/WebAPI/LearningHub.Nhs.Database/Stored Procedures/Hierarchy/GetDashboardCatalogues.sql
index 625a16802..6210d7846 100644
--- a/WebAPI/LearningHub.Nhs.Database/Stored Procedures/Hierarchy/GetDashboardCatalogues.sql	
+++ b/WebAPI/LearningHub.Nhs.Database/Stored Procedures/Hierarchy/GetDashboardCatalogues.sql	
@@ -219,7 +219,7 @@ BEGIN
 				,cnv.CardImageUrl
 				,cnv.Url
 				,cnv.RestrictedAccess
-				,CAST(CASE WHEN cnv.RestrictedAccess = 1 THEN 0 ELSE 1 END AS bit) AS HasAccess
+				,CAST(CASE WHEN cnv.RestrictedAccess = 1 AND auth.CatalogueNodeId IS NULL THEN 0 ELSE 1 END AS bit) AS HasAccess
 				,ub.Id AS BookMarkId
 			    ,CAST(ISNULL(ub.[Deleted], 1) ^ 1 AS BIT) AS IsBookmarked 
 			FROM @MyActivity ma