diff --git a/atst/routes/workspaces.py b/atst/routes/workspaces.py
index 0e18ed63..190b5eff 100644
--- a/atst/routes/workspaces.py
+++ b/atst/routes/workspaces.py
@@ -63,8 +63,14 @@ def show_workspace(workspace_id):
 @bp.route("/workspaces//members")
 def workspace_members(workspace_id):
- workspace = Workspaces.get(g.current_user, workspace_id)
- return render_template("workspaces/members/index.html", workspace=workspace)
+ user = g.current_user
+ workspace = Workspaces.get(user, workspace_id)
+ if not Authorization.has_workspace_permission(
+ user, workspace, Permissions.VIEW_WORKSPACE_MEMBERS
+ ):
+ raise UnauthorizedError(user, "view workspace members")
+
+ return render_template("workspace_members.html", workspace=workspace)
 @bp.route("/workspaces//reports")
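Review bot: The `VIEW_WORKSPACE_MEMBERS` check in `workspace_members` is written inline in the view, so the member list is protected only on this one route; any other handler that renders workspace members has to repeat it, and the `/reports` route that begins right after the hunk is not visibly covered. Consider enforcing it next to the data access (a domain-layer accessor that takes the user and raises `UnauthorizedError` itself, or a shared route decorator) so the check cannot be skipped by a new caller. The same hunk also switches the template from `"workspaces/members/index.html"` to `"workspace_members.html"`, which appears unrelated to authorization; if it is not intentional, keep `return render_template("workspaces/members/index.html", workspace=workspace)`. This is the first hunk shown for the file and it adds no import lines, so `Authorization`, `Permissions` and `UnauthorizedError` are presumably already imported in workspaces.py — worth confirming, together with a test that a user without the permission is denied.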