diff --git a/apps/files_external/ajax/applicable.php b/apps/files_external/ajax/applicable.php
index ece913ffc06..489c1a7a3e8 100644
--- a/apps/files_external/ajax/applicable.php
+++ b/apps/files_external/ajax/applicable.php
@@ -12,7 +12,21 @@ use OCP\Server;
 \OC_JSON::checkAppEnabled('files_external');
 \OC_JSON::callCheck();
-\OC_JSON::checkAdminUser();
+// Replaces \OC_JSON::checkAdminUser() to also allow delegated admins access.
+$currentUser = \OC::$server->getUserSession()->getUser();
+if ($currentUser === null) {
+ \OC_JSON::error(['message' => 'Not logged in']);
+ exit();
+}
+$groupManager = \OC::$server->getGroupManager();
+$authorizedGroupMapper = \OC::$server->get(\OC\Settings\AuthorizedGroupMapper::class);
+$isAdmin = $groupManager->isAdmin($currentUser->getUID());
+// A delegated admin is granted access when their group is authorized for the files_external Admin settings class.
+$isDelegated = in_array(\OCA\Files_External\Settings\Admin::class, $authorizedGroupMapper->findAllClassesForUser($currentUser), true);
+if (!$isAdmin && !$isDelegated) {
+ \OC_JSON::error(['message' => 'Not authorized']);
+ exit();
+}
 $pattern = '';
 $limit = null;
diff --git a/build/psalm-baseline.xml b/build/psalm-baseline.xml
index 162ee929ddb..486b4f142d4 100644
--- a/build/psalm-baseline.xml
+++ b/build/psalm-baseline.xml
@@ -1407,9 +1407,12 @@ - + 'Not authorized'])]]> + 'Not logged in'])]]> + +
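Review bot: The two failure responses in this hunk (`\OC_JSON::error(['message' => 'Not logged in'])` and `\OC_JSON::error(['message' => 'Not authorized'])`) use a different payload shape from the `\OC_JSON::checkAdminUser()` call they replace, which as far as I recall reported its message under a `data` key and through the translator, so a client reading `data.message` now sees a top-level, untranslated `message` instead; unless the caller has been checked, keep the previous shape, e.g. `\OC_JSON::error(['data' => ['message' => 'Not authorized']]);` in both branches. The admin-or-delegated rule itself (`isAdmin()` or `\OCA\Files_External\Settings\Admin::class` in `findAllClassesForUser()`) looks correct, but the same rule presumably has to hold for the app's other admin endpoints, so factoring it into one shared helper would keep the checks from drifting apart. `use OCP\Server;` is already in scope per the hunk header, so `Server::get(\OC\Settings\AuthorizedGroupMapper::class)` is the consistent form rather than `\OC::$server->get(...)`, and the same applies to the user-session and group-manager lookups. The accompanying psalm-baseline edit in the second file suggests the new `\OC_JSON::error` calls raised findings that were then baselined; silencing findings on freshly added lines hides the signal, and a short comment above the block explaining why the legacy helper is still used here would be the minimum.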