diff --git a/src/app/entity/controllers/ListTemplateController.php b/src/app/entity/controllers/ListTemplateController.php
index a6f2fa1488334da52970d81f082565e60a14c4b4..1dcf6e3ef59768d5c12ef61118b1be481c33c17a 100755
--- a/src/app/entity/controllers/ListTemplateController.php
+++ b/src/app/entity/controllers/ListTemplateController.php
@@ -20,6 +20,8 @@ use Entity\models\ListTemplateModel;
 use ExternalSignatoryBook\controllers\MaarchParapheurController;
 use Group\controllers\PrivilegeController;
 use History\controllers\HistoryController;
+use Parameter\controllers\ParameterController;
+use Parameter\models\ParameterModel;
 use Resource\models\ResModel;
 use Respect\Validation\Validator;
 use Slim\Http\Request;
@@ -547,7 +549,12 @@ class ListTemplateController
             }
         }
 
-        return $response->withJson(['roles' => array_values($roles)]);
+        $parameters = [];
+
+        $parameter = ParameterModel::getById(['id' => 'keepDiffusionRoleInOutgoingIndexation', 'select' => ['param_value_int']]);
+        $parameters['keepDiffusionRoleInOutgoingIndexation'] = !empty($parameter['param_value_int']);
+
+        return $response->withJson(['roles' => array_values($roles), 'parameters' => $parameters]);
     }
 
     public function getAvailableCircuits(Request $request, Response $response)
diff --git a/src/app/parameter/controllers/ParameterController.php b/src/app/parameter/controllers/ParameterController.php
index 6c984b4deecb71d5244c8c3f54ae7ac203ae7598..c47ccf679d4be2f14685a67700d86f24b9fd4e6f 100755
--- a/src/app/parameter/controllers/ParameterController.php
+++ b/src/app/parameter/controllers/ParameterController.php
@@ -29,6 +29,10 @@ class ParameterController
 {
     public function get(Request $request, Response $response)
     {
+        if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_parameters', 'userId' => $GLOBALS['id']])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+        }
+
         $parameters = ParameterModel::get();
 
         foreach ($parameters as $key => $parameter) {
@@ -46,6 +50,10 @@ class ParameterController
 
     public function getById(Request $request, Response $response, array $aArgs)
     {
+        if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_parameters', 'userId' => $GLOBALS['id']])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Service forbidden']);
+        }
+
         $parameter = ParameterModel::getById(['id' => $aArgs['id']]);
 
         if (empty($parameter)) {