diff --git a/package-lock.json b/package-lock.json
index 803fc40..4086425 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "bento_event_relay",
-  "version": "3.0.2",
+  "version": "3.1.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "bento_event_relay",
-      "version": "3.0.2",
+      "version": "3.1.0",
       "license": "LGPL-3.0-only",
       "dependencies": {
         "node-fetch": "^3.3.2",
diff --git a/package.json b/package.json
index ae8df21..9bca921 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "bento_event_relay",
-  "version": "3.0.2",
+  "version": "3.1.0",
   "description": "Event relay service from Redis PubSub to socket.io",
   "main": "src/index.mjs",
   "scripts": {
diff --git a/src/auth.mjs b/src/auth.mjs
index d2fff08..326014b 100644
--- a/src/auth.mjs
+++ b/src/auth.mjs
@@ -13,16 +13,16 @@ export const checkAgainstAuthorizationService = async (token) => {
     }
 
     try {
-        const res = await fetch(`${BENTO_AUTHZ_SERVICE_URL}policy/evaluate`, {
+        const res = await fetch(`${BENTO_AUTHZ_SERVICE_URL}policy/evaluate_one`, {
             method: "POST",
             headers: {
                 "Authorization": `Bearer ${token}`,
                 "Content-Type": "application/json",
             },
             body: JSON.stringify({
-                requested_resource: {everything: true},
+                resource: {everything: true},
                 // TODO: granular permissions + message filtering instead:
-                required_permissions: ["view:private_portal"],
+                permission: "view:private_portal",
             }),
             agent: httpsAgent,
         });