the recommendation is to add a

permission

in the downstream definition(s)