diff --git a/src/controllers/01-branch-controller.ts b/src/controllers/01-branch-controller.ts
index bffa7c4..9646a72 100644
--- a/src/controllers/01-branch-controller.ts
+++ b/src/controllers/01-branch-controller.ts
@@ -701,6 +701,7 @@ export class BranchController extends Controller {
   }
 
   @Delete("{branchId}/line-image")
+  @Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
   async deleteLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
     const record = await prisma.branch.findUnique({
       include: {
@@ -773,6 +774,7 @@ export class BranchController extends Controller {
   }
 
   @Delete("{branchId}/branch-image")
+  @Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
   async deleteBranchImage(@Request() req: RequestWithUser, @Path() branchId: string) {
     const record = await prisma.branch.findUnique({
       include: {
@@ -845,6 +847,7 @@ export class BranchController extends Controller {
   }
 
   @Delete("{branchId}/map-image")
+  @Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
   async deleteMapImage(@Request() req: RequestWithUser, @Path() branchId: string) {
     const record = await prisma.branch.findUnique({
       include: {
@@ -932,6 +935,7 @@ export class BranchController extends Controller {
   }
 
   @Delete("{branchId}/bank-qr/{bankId}")
+  @Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
   async deleteImage(
     @Request() req: RequestWithUser,
     @Path() branchId: string,