diff --git a/InvenTree/InvenTree/middleware.py b/InvenTree/InvenTree/middleware.py
index 951d415c16..dcbf76f32f 100644
--- a/InvenTree/InvenTree/middleware.py
+++ b/InvenTree/InvenTree/middleware.py
@@ -7,7 +7,7 @@ from django.conf import settings
 from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
 from django.http import HttpResponse
 from django.shortcuts import redirect
-from django.urls import Resolver404, include, re_path, reverse_lazy
+from django.urls import Resolver404, include, re_path, resolve, reverse_lazy
 from allauth_2fa.middleware import (AllauthTwoFactorMiddleware, BaseRequire2FAMiddleware)
@@ -41,6 +41,11 @@ class AuthRequiredMiddleware(object):
 if request.path_info.startswith('/api/'):
 return self.get_response(request)
+ # Is the function exempt from auth requirements?
+ path_func = resolve(request.path).func
+ if getattr(path_func, 'auth_exempt', False) is True:
+ return self.get_response(request)
+
 if not request.user.is_authenticated:
 """ Normally, a web-based session would use csrftoken based authentication.
diff --git a/InvenTree/InvenTree/permissions.py b/InvenTree/InvenTree/permissions.py
index 7f607f6dbf..74d42b6da0 100644
--- a/InvenTree/InvenTree/permissions.py
+++ b/InvenTree/InvenTree/permissions.py
@@ -1,5 +1,7 @@
 """Permission set for InvenTree."""
+from functools import wraps
+
 from rest_framework import permissions
 import users.models
@@ -63,3 +65,11 @@ class RolePermission(permissions.BasePermission):
 result = users.models.RuleSet.check_table_permission(user, table, permission)
 return result
+
+
+def auth_exempt(view_func):
+ """Mark a view function as being exempt from auth requirements."""
+ def wrapped_view(*args, **kwargs):
+ return view_func(*args, **kwargs)
+ wrapped_view.auth_exempt = True
+ return wraps(view_func)(wrapped_view)
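Review bot: `resolve(request.path)` in the added exemption check of `AuthRequiredMiddleware` (middleware.py, second hunk) can raise `Resolver404` for any URL that matches no pattern. Because it runs before the `is_authenticated` check, an unauthenticated request to an unmapped path would no longer reach the login handling below. It also resolves `request.path`, while the `/api/` test just above uses `request.path_info`; the two differ when the site is served under a script prefix, and URL resolution works on `path_info`. I would catch `Resolver404` (already imported in this file) and fall through to the normal checks, as sketched below. The rest of the method lies outside the hunk, so confirm nothing further down relies on the exception propagating.

```python
# Is the function exempt from auth requirements?
try:
    path_func = resolve(request.path_info).func
except Resolver404:
    # Unmatched path: no exemption, continue with the normal auth checks
    path_func = None

if getattr(path_func, 'auth_exempt', False) is True:
    return self.get_response(request)
# … unchanged: is_authenticated handling …
```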
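Review bot: The docstring on `auth_exempt` (permissions.py, last hunk) does not say what the marker switches off. Per the middleware hunk, `AuthRequiredMiddleware` calls `get_response` for a marked view before its `is_authenticated` check, so the view runs for anonymous requests. Something like `"""Mark a view as exempt from AuthRequiredMiddleware: it is served without a login, so it must enforce any access control itself."""` would make that cost visible at each use site. It is also worth stating that the flag is read from `resolve(...).func`, so the decorator has to end up on the callable registered in the URLconf. Whether DRF permission classes still apply to a marked view cannot be told from this hunk.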