diff --git a/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/controller/FileController.java b/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/controller/FileController.java
index 31b1ba00b436a779dedc85529a7346a88e32a0c6..2e8235f50380c81fbcd78cd0fa73d6349abf1c78 100644
--- a/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/controller/FileController.java
+++ b/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/controller/FileController.java
@@ -99,26 +99,19 @@ public class FileController {
 
     @GetMapping("/{profileId}")
     public ResponseEntity<Resource> get(@PathVariable Integer profileId) {
-        String authenticatedUsername = SecurityContextHolder.getContext().getAuthentication().getName();
-        Account loggedInAccount = accountRepo.findByEmail(authenticatedUsername).orElseThrow();
 
         // Ensure that the provided profile ID is valid
-        Profile profile = profileRepo.findById(profileId).orElseThrow(() -> {
+        profileRepo.findById(profileId).orElseThrow(() -> {
             return new ResponseStatusException(HttpStatus.BAD_REQUEST);
         });
 
-        // Ensure that the profile is part of the authenticated account
-        if (!loggedInAccount.getId().equals(profile.getAccountId())) {
-            throw new ResponseStatusException(HttpStatus.FORBIDDEN);
-        }
-
         Path path = Paths.get(basePath, String.format("%d.jpeg", profileId));
 
         if (!path.toFile().exists()) {
             throw new ResponseStatusException(HttpStatus.NOT_FOUND);
         }
 
-        Resource file = null;
+        Resource file;
 
         try {
             file = new UrlResource(path.toUri());
diff --git a/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/security/SecurityConfig.java b/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/security/SecurityConfig.java
index 1d431e24ed4625ce0102e6fa74a216f27b20e56e..38124d0628647927b098c1092db356ba6652909d 100644
--- a/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/security/SecurityConfig.java
+++ b/src/main/java/edu/ntnu/idatt210602/matsvinnbackend/security/SecurityConfig.java
@@ -67,7 +67,7 @@ public class SecurityConfig {
 
 
                 //FILE ENDPOINTS
-                .requestMatchers(HttpMethod.GET, "/img/*").authenticated()
+                .requestMatchers(HttpMethod.GET, "/img/*").permitAll()
                 .requestMatchers(HttpMethod.POST, "/img").authenticated()
                 .requestMatchers(HttpMethod.DELETE, "/img/*").authenticated()