diff --git a/__tests__/userWorkspacePhoto.ts b/__tests__/userWorkspacePhoto.ts
index 7aa949c2b4..ecad3ba39e 100644
--- a/__tests__/userWorkspacePhoto.ts
+++ b/__tests__/userWorkspacePhoto.ts
@@ -144,7 +144,14 @@ describe('mutation deleteUserWorkspacePhoto', () => {
     }
   `;
 
-  it('should delete photo and associated ContentImage', async () => {
+  it('should require authentication', async () => {
+    const res = await client.mutate(MUTATION, {
+      variables: { id: '00000000-0000-0000-0000-000000000000' },
+    });
+    expect(res.errors?.[0]?.extensions?.code).toBe('UNAUTHENTICATED');
+  });
+
+  it('should delete photo', async () => {
     loggedUser = '1';
     const photo = await con.getRepository(UserWorkspacePhoto).save({
       userId: '1',
@@ -162,7 +169,22 @@ describe('mutation deleteUserWorkspacePhoto', () => {
       .getRepository(UserWorkspacePhoto)
       .findOneBy({ id: photo.id });
     expect(deleted).toBeNull();
+  });
+
+  it('should not delete other user photo', async () => {
+    loggedUser = '1';
+    const photo = await con.getRepository(UserWorkspacePhoto).save({
+      userId: '2',
+      image: 'https://example.com/photo.jpg',
+      position: 0,
+    });
+
+    await client.mutate(MUTATION, { variables: { id: photo.id } });
 
+    const notDeleted = await con
+      .getRepository(UserWorkspacePhoto)
+      .findOneBy({ id: photo.id });
+    expect(notDeleted).not.toBeNull();
     const contentImage = await con
       .getRepository(ContentImage)
       .findOneBy({ url: 'https://example.com/delete-me.jpg' });
@@ -180,6 +202,13 @@ describe('mutation reorderUserWorkspacePhotos', () => {
     }
   `;
 
+  it('should require authentication', async () => {
+    const res = await client.mutate(MUTATION, {
+      variables: { items: [] },
+    });
+    expect(res.errors?.[0]?.extensions?.code).toBe('UNAUTHENTICATED');
+  });
+
   it('should update positions', async () => {
     loggedUser = '1';
     const [photo1, photo2] = await con.getRepository(UserWorkspacePhoto).save([
diff --git a/src/common/cloudinary.ts b/src/common/cloudinary.ts
index e5a519e6d1..5d6c1f2423 100644
--- a/src/common/cloudinary.ts
+++ b/src/common/cloudinary.ts
@@ -35,6 +35,7 @@ export enum UploadPreset {
   TopReaderBadge = 'top_reader_badge',
   Organization = 'organization',
   ToolIcon = 'tool_icon',
+  WorkspacePhoto = 'workspace_photo',
 }
 
 interface OptionalProps {
diff --git a/src/schema/userWorkspacePhoto.ts b/src/schema/userWorkspacePhoto.ts
index 9dc15a88b3..bd439fa9ba 100644
--- a/src/schema/userWorkspacePhoto.ts
+++ b/src/schema/userWorkspacePhoto.ts
@@ -64,7 +64,7 @@ export const typeDefs = /* GraphQL */ `
 
   extend type Mutation {
     """
-    Add a workspace photo to the user's profile
+    Add a workspace photo to the user's profile (max 5)
     """
     addUserWorkspacePhoto(
       input: AddUserWorkspacePhotoInput!
@@ -120,7 +120,7 @@ export const resolvers: IResolvers<unknown, BaseContext> = traceResolvers<
           return builder;
         },
         undefined,
-        true, // use read replica
+        true,
       );
     },
   },