diff --git a/common/authorization/authorizer.go b/common/authorization/authorizer.go
index 0578e25143c..fa625352689 100644
--- a/common/authorization/authorizer.go
+++ b/common/authorization/authorizer.go
@@ -48,11 +48,12 @@ type (
 // Attributes is input for authority to make decision.
 // It can be extended in future if required auth on resources like WorkflowType and TaskList
 Attributes struct {
- Actor string
- APIName string
- DomainName string
- TaskList *types.TaskList
- Permission Permission
+ Actor string
+ APIName string
+ DomainName string
+ WorkflowType *types.WorkflowType
+ TaskList *types.TaskList
+ Permission Permission
 }
 // Result is result from authority.
diff --git a/service/frontend/accessControlledHandler.go b/service/frontend/accessControlledHandler.go
index 71b6f757035..8e9a44c37b2 100644
--- a/service/frontend/accessControlledHandler.go
+++ b/service/frontend/accessControlledHandler.go
@@ -675,9 +675,10 @@ func (a *AccessControlledWorkflowHandler) StartWorkflowExecution(
 scope := a.getMetricsScopeWithDomain(metrics.FrontendStartWorkflowExecutionScope, request)
 attr := &authorization.Attributes{
- APIName: "StartWorkflowExecution",
- DomainName: request.GetDomain(),
- Permission: authorization.PermissionWrite,
+ APIName: "StartWorkflowExecution",
+ DomainName: request.GetDomain(),
+ Permission: authorization.PermissionWrite,
+ WorkflowType: request.WorkflowType,
 }
 isAuthorized, err := a.isAuthorized(ctx, attr, scope)
 if err != nil {
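Review bot: The new `WorkflowType` field in `Attributes` has no stated contract for the nil case, and the struct comment above it still describes WorkflowType and TaskList as future extensions. Only call sites that set the field supply a value, so every other API hands the authorizer a nil pointer; an implementation that dereferences it will panic, and one that reads nil as "no restriction" will allow requests it was meant to check. I would add a field comment such as `// WorkflowType is client-supplied and nil for APIs that carry no workflow type; authorizers must handle nil explicitly.` and update the struct comment to match. The enclosing `type (` block starts and ends outside the hunk.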
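Review bot: `WorkflowType: request.WorkflowType` reads the field directly while the neighbouring line goes through the getter `request.GetDomain()`, so if a nil request can reach this point and that getter is nil-safe, building the authorization attributes would now panic before the authorizer is consulted. If the request type has a matching getter, `WorkflowType: request.GetWorkflowType(),` keeps the two lines consistent. Separately, this diff populates the field only in StartWorkflowExecution; if other handlers that can start a workflow (for example SignalWithStartWorkflowExecution) are not updated the same way, a policy keyed on workflow type would not see those requests, which is worth confirming since those handlers are not visible here. The function body starts and ends outside the hunk.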