diff --git a/pkg/services/object/acl/acl.go b/pkg/services/object/acl/acl.go
index 5966ac5d1..b33354004 100644
--- a/pkg/services/object/acl/acl.go
+++ b/pkg/services/object/acl/acl.go
@@ -515,6 +515,11 @@ func eACLCheck(msg interface{}, reqInfo requestInfo, cfg *eACLCfg) bool {
 		return true
 	}
 
+	// if bearer token is not allowed, then ignore it
+	if !reqInfo.basicACL.BearerAllowed(reqInfo.operation) {
+		reqInfo.bearer = nil
+	}
+
 	// if bearer token is not present, isValidBearer returns true
 	if !isValidBearer(reqInfo) {
 		return false