diff --git a/src/app/openaireLibrary b/src/app/openaireLibrary
index 037c32c..e1f6549 160000
--- a/src/app/openaireLibrary
+++ b/src/app/openaireLibrary
@@ -1 +1 @@
-Subproject commit 037c32c545c772c06f8a7a9a5d1da84d95b96522
+Subproject commit e1f6549e891fab346b0f98448c7700aeab09fb99
diff --git a/src/app/researcher/researcher.module.ts b/src/app/researcher/researcher.module.ts
index fb2b0d5..9870f2a 100644
--- a/src/app/researcher/researcher.module.ts
+++ b/src/app/researcher/researcher.module.ts
@@ -15,7 +15,8 @@ const routes: Route[] = [
     path: '', component: ResearcherComponent, children: [
       {path: '', loadChildren: () => import('./search-researcher/search-researcher.module').then(m => m.SearchResearcherModule)},
       {path: ':stakeholder/search', loadChildren: () => import('../search/resultLanding.module').then(m => m.ResultLandingModule)},
-      {path: ':stakeholder', loadChildren: () => import('../shared/monitor/monitor.module').then(m => m.MonitorModule), canActivateChild: [SandboxGuard]}
+      {path: ':stakeholder', loadChildren: () => import('../shared/monitor/monitor.module').then(m => m.MonitorModule), canActivateChild: [SandboxGuard],
+      data: {"researcher": true}}
     ]
   }
 ];
diff --git a/src/app/shared/sandbox.guard.ts b/src/app/shared/sandbox.guard.ts
index be96cb6..6aed4bc 100644
--- a/src/app/shared/sandbox.guard.ts
+++ b/src/app/shared/sandbox.guard.ts
@@ -3,6 +3,9 @@ import {Injectable} from "@angular/core";
 import {ActivatedRouteSnapshot, RouterStateSnapshot, UrlTree} from "@angular/router";
 import {Observable} from "rxjs";
 import {properties} from "../../environments/environment";
+import {LoginErrorCodes} from "../openaireLibrary/login/utils/guardHelper.class";
+import {map, tap} from "rxjs/operators";
+import {Session} from "../openaireLibrary/login/utils/helper.class";
 
 @Injectable({
   providedIn: 'root'
@@ -10,6 +13,23 @@ import {properties} from "../../environments/environment";
 export class SandboxGuard extends AdminDashboardGuard {
 
   canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
-    return properties.environment != 'beta' || super.canActivateChild(childRoute, state);
+    let sandbox = properties.environment !== 'beta'
+    if(childRoute.data['researcher'] && childRoute.params.stakeholder && sandbox) {
+      let errorCode = LoginErrorCodes.NOT_LOGIN;
+      let alias = childRoute.params.stakeholder;
+      return this.userManagementService.getUserInfo().pipe(map(user => {
+        if(user) {
+          errorCode = LoginErrorCodes.NOT_ADMIN;
+        }
+        return user && (Session.isPortalAdministrator(user) ||
+            Session.isCurator('researcher', user) || user?.orcid === alias);
+      }), tap(authorized => {
+        if(!authorized){
+          this.router.navigate(['/user-info'], {queryParams: {'errorCode': errorCode, 'redirectUrl':state.url}});
+        }
+      }));
+    } else {
+      return !sandbox || super.canActivateChild(childRoute, state);
+    }
   }
 }