diff --git a/routes/profiles.js b/routes/profiles.js
index 3b074ae..3b90529 100644
--- a/routes/profiles.js
+++ b/routes/profiles.js
@@ -38,13 +38,13 @@ function processQueryParams (params) {
 }
 
 function update (req, res, next) {
-//   Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
-//     if (err || (decoded && !decoded.hasPermission)) {
-//       res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-//       return;
-//     } 
-//     
-//     if (decoded && decoded.hasPermission) {
+  Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
+    if (err || (decoded && !decoded.hasPermission)) {
+      res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
+      return;
+    } 
+    
+    if (decoded && decoded.hasPermission) {
       var ProfileEvents = new EventEmitter();  
       var id = req.params.id;
       var data = req.body;
@@ -65,8 +65,8 @@ function update (req, res, next) {
       });
 
       Profiles.update(ProfileEvents, id, data);
-//     }
-//   });
+    }
+  });
 }
 
 function updateMessage (req, res, next) {