diff --git a/kubernetes/opa/knowledgemw/policies.rego b/kubernetes/opa/knowledgemw/policies.rego
index f05865822fa83fef48cdd411bc0b3768c2776916..efb0dcd737d72a48e404dccc9d7438e0827d1569 100644
--- a/kubernetes/opa/knowledgemw/policies.rego
+++ b/kubernetes/opa/knowledgemw/policies.rego
@@ -21,15 +21,34 @@ copyContent {
 
 createContent {
   acls := ["createContent"]
+  
   # Due to portal legacy code, we need to add REVIEWER roles also for this API, this has to be fixed
   roles := ["BOOK_CREATOR", "CONTENT_CREATOR", "COURSE_CREATOR", "BOOK_REVIEWER", "CONTENT_REVIEWER"]
   super.acls_check(acls)
+  
   # Org check will do an implicit role check so there is no need to invoke super.role_check(roles)
   token_organisationids := super.org_check(roles)
+  
+  # The below payload is being invoked when creating contents
   input.parsed_body.request.content.createdFor[_] in token_organisationids
   input.parsed_body.request.content.createdBy == super.userid
 }
 
+createContent {
+  acls := ["createContent"]
+  
+  # Due to portal legacy code, we need to add REVIEWER roles also for this API, this has to be fixed
+  roles := ["BOOK_CREATOR", "CONTENT_CREATOR", "COURSE_CREATOR", "BOOK_REVIEWER", "CONTENT_REVIEWER"]
+  super.acls_check(acls)
+  
+  # Org check will do an implicit role check so there is no need to invoke super.role_check(roles)
+  token_organisationids := super.org_check(roles)
+
+  # The below payload is being invoked when creating certificate templates
+  input.parsed_body.request.content.channel in token_organisationids
+  input.parsed_body.request.content.createdBy == super.userid
+}
+
 createLock {
   acls := ["createLock"]
   roles := ["BOOK_CREATOR", "CONTENT_CREATOR", "BOOK_REVIEWER", "CONTENT_REVIEWER"]