diff --git a/npm/ng-packs/packages/core/src/lib/guards/permission.guard.ts b/npm/ng-packs/packages/core/src/lib/guards/permission.guard.ts
index 3b77913d2e..41e07f8d1b 100644
--- a/npm/ng-packs/packages/core/src/lib/guards/permission.guard.ts
+++ b/npm/ng-packs/packages/core/src/lib/guards/permission.guard.ts
@@ -8,10 +8,10 @@ import {
 } from '@angular/router';
 import { HttpErrorResponse } from '@angular/common/http';
 import { Observable, of } from 'rxjs';
-import { map, take } from 'rxjs/operators';
+import { filter, map, switchMap, take } from 'rxjs/operators';
 import { AuthService, IAbpGuard } from '../abstracts';
 import { findRoute, getRoutePath } from '../utils/route-utils';
-import { RoutesService, PermissionService, HttpErrorReporterService } from '../services';
+import { RoutesService, PermissionService, HttpErrorReporterService, ConfigStateService } from '../services';
 import { isPlatformServer } from '@angular/common';
 /**
  * @deprecated Use `permissionGuard` *function* instead.
@@ -25,6 +25,7 @@ export class PermissionGuard implements IAbpGuard {
   protected readonly authService = inject(AuthService);
   protected readonly permissionService = inject(PermissionService);
   protected readonly httpErrorReporter = inject(HttpErrorReporterService);
+  protected readonly configStateService = inject(ConfigStateService);
 
   canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean | UrlTree> {
     let { requiredPolicy } = route.data || {};
@@ -38,7 +39,10 @@ export class PermissionGuard implements IAbpGuard {
       return of(true);
     }
 
-    return this.permissionService.getGrantedPolicy$(requiredPolicy).pipe(
+    return this.configStateService.getAll$().pipe(
+      filter(config => !!config?.auth?.grantedPolicies),
+      take(1),
+      switchMap(() => this.permissionService.getGrantedPolicy$(requiredPolicy)),
       take(1),
       map(access => {
         if (access) return true;
@@ -50,7 +54,6 @@ export class PermissionGuard implements IAbpGuard {
         if (this.authService.isAuthenticated) {
           this.httpErrorReporter.reportError({ status: 403 } as HttpErrorResponse);
         }
-
         return false;
       }),
     );
@@ -66,6 +69,7 @@ export const permissionGuard: CanActivateFn = (
   const authService = inject(AuthService);
   const permissionService = inject(PermissionService);
   const httpErrorReporter = inject(HttpErrorReporterService);
+  const configStateService = inject(ConfigStateService);
   const platformId = inject(PLATFORM_ID);
 
   let { requiredPolicy } = route.data || {};
@@ -84,7 +88,10 @@ export const permissionGuard: CanActivateFn = (
     return of(true);
   }
 
-  return permissionService.getGrantedPolicy$(requiredPolicy).pipe(
+  return configStateService.getAll$().pipe(
+    filter(config => !!config?.auth?.grantedPolicies),
+    take(1),
+    switchMap(() => permissionService.getGrantedPolicy$(requiredPolicy)),
     take(1),
     map(access => {
       if (access) return true;