diff --git a/packages/server/src/api/controllers/rowAction/crud.ts b/packages/server/src/api/controllers/rowAction/crud.ts
index bd5326d957..b94bc9d4b9 100644
--- a/packages/server/src/api/controllers/rowAction/crud.ts
+++ b/packages/server/src/api/controllers/rowAction/crud.ts
@@ -87,3 +87,19 @@ export async function remove(ctx: Ctx<void, void>) {
   await sdk.rowActions.remove(table._id!, actionId)
   ctx.status = 204
 }
+
+export async function setViewPermission(ctx: Ctx<void, void>) {
+  const table = await getTable(ctx)
+  const { actionId, viewId } = ctx.params
+
+  await sdk.rowActions.setViewPermission(table._id!, actionId, viewId)
+  ctx.status = 204
+}
+
+export async function unsetViewPermission(ctx: Ctx<void, void>) {
+  const table = await getTable(ctx)
+  const { actionId, viewId } = ctx.params
+
+  await sdk.rowActions.unsetViewPermission(table._id!, actionId, viewId)
+  ctx.status = 204
+}
diff --git a/packages/server/src/api/routes/rowAction.ts b/packages/server/src/api/routes/rowAction.ts
index c84d94c007..0fa0e07673 100644
--- a/packages/server/src/api/routes/rowAction.ts
+++ b/packages/server/src/api/routes/rowAction.ts
@@ -50,6 +50,16 @@ router
     authorizedResource(PermissionType.TABLE, PermissionLevel.READ, "tableId"),
     rowActionController.remove
   )
+  .post(
+    "/api/tables/:tableId/actions/:actionId/permissions/:viewId",
+    authorizedResource(PermissionType.TABLE, PermissionLevel.READ, "tableId"),
+    rowActionController.setViewPermission
+  )
+  .delete(
+    "/api/tables/:tableId/actions/:actionId/permissions/:viewId",
+    authorizedResource(PermissionType.TABLE, PermissionLevel.READ, "tableId"),
+    rowActionController.unsetViewPermission
+  )
 
   // Other endpoints
   .post(
diff --git a/packages/server/src/sdk/app/rowActions.ts b/packages/server/src/sdk/app/rowActions.ts
index 146c00998e..fdb93c129c 100644
--- a/packages/server/src/sdk/app/rowActions.ts
+++ b/packages/server/src/sdk/app/rowActions.ts
@@ -158,6 +158,25 @@ export async function setViewPermission(
   }
 }
 
+export async function unsetViewPermission(
+  tableId: string,
+  rowActionId: string,
+  viewId: string
+) {
+  const actionsDoc = await get(tableId)
+
+  const rowAction = getRowAction(actionsDoc, rowActionId)
+  delete rowAction.permissions.views[viewId]
+
+  const db = context.getAppDB()
+  await db.put(actionsDoc)
+
+  return {
+    id: rowActionId,
+    ...rowAction,
+  }
+}
+
 export async function remove(tableId: string, rowActionId: string) {
   const actionsDoc = await get(tableId)