diff --git a/auth_sms/models/res_users.py b/auth_sms/models/res_users.py
index a3f6525e3e..a1805c21d2 100644
--- a/auth_sms/models/res_users.py
+++ b/auth_sms/models/res_users.py
@@ -100,7 +100,7 @@ def _auth_sms_send(self, user_id):
             request and request.session.sid,
         )
         user = self.env["res.users"].browse(user_id)
-        self.env["auth_sms.code"].create(
+        self.env["auth_sms.code"].sudo().create(
             {
                 "code": code,
                 "user_id": user.id,
@@ -109,7 +109,8 @@ def _auth_sms_send(self, user_id):
         )
         if not user.sudo()._auth_sms_check_rate_limit():
             raise AccessDeniedSmsRateLimit(_("SMS rate limit"))
-        if not self.env["sms.provider"].send_sms(user.mobile, code):
+        mobile = user.sudo().mobile
+        if not self.env["sms.provider"].send_sms(mobile, code):
             raise UserError(_("Sending SMS failed"))
 
     def _auth_sms_check_rate_limit(self):
diff --git a/auth_sms/models/sms_provider.py b/auth_sms/models/sms_provider.py
index 2f6d042764..c376f0533b 100644
--- a/auth_sms/models/sms_provider.py
+++ b/auth_sms/models/sms_provider.py
@@ -39,7 +39,7 @@ def action_send_test(self):
 
     @api.model
     def send_sms(self, number, text, **kwargs):
-        provider = self.search([], limit=1)
+        provider = self.sudo().search([], limit=1)
         if not provider:
             return False
         _logger.debug(
diff --git a/auth_sms_auth_signup/controllers/auth_sms_auth_signup.py b/auth_sms_auth_signup/controllers/auth_sms_auth_signup.py
index 6158bcbbc5..19c855ba0e 100644
--- a/auth_sms_auth_signup/controllers/auth_sms_auth_signup.py
+++ b/auth_sms_auth_signup/controllers/auth_sms_auth_signup.py
@@ -11,7 +11,7 @@ class AuthSmsAuthSignup(AuthSignupHome):
     def web_auth_reset_password(self, *args, **kw):
         qcontext = self.get_auth_signup_qcontext()
         if not qcontext.get("token") or qcontext.get("error"):
-            return super(AuthSmsAuthSignup, self).web_auth_reset_password(*args, **kw)
+            return super().web_auth_reset_password(*args, **kw)
         partner = (
             request.env["res.partner"]
             .sudo()
@@ -37,4 +37,4 @@ def web_auth_reset_password(self, *args, **kw):
                 return super(AuthSmsAuthSignup, self).web_auth_reset_password(
                     *args, **kw
                 )
-        return request.render("auth_signup.reset_password", qcontext)
+        return super().web_auth_reset_password(*args, **kw)