diff --git a/app/routing/middleware/api/Permission.middleware.js b/app/routing/middleware/api/Permission.middleware.js
index 72bf56a..c501901 100644
--- a/app/routing/middleware/api/Permission.middleware.js
+++ b/app/routing/middleware/api/Permission.middleware.js
@@ -8,6 +8,7 @@ class PermissionMiddleware extends Middleware {
     async test(req, res, next, { check }) {
         const Policy = this.models.get('iam:Policy')
 
+        if ( !req.additional_api_log_data ) req.additional_api_log_data = {}
         req.additional_api_log_data.permission_check = check
 
         // If the request was authorized using an OAuth2 bearer token,