diff --git a/api/tests/federation/test_serializers.py b/api/tests/federation/test_serializers.py
index 6d33a529de7d197d0b88557cc38ee8c17ff46ce4..85208fa490b53dd52b998b24f6f743f9d465d785 100644
--- a/api/tests/federation/test_serializers.py
+++ b/api/tests/federation/test_serializers.py
@@ -431,8 +431,14 @@ def test_collection_page_serializer_validation():
 def test_collection_page_serializer_can_validate_child():
- base = 'https://test.federation/test'
 data = {
+ 'type': 'CollectionPage',
+ 'id': 'https://test.page?page=2',
+ 'actor': 'https://test.actor',
+ 'first': 'https://test.page?page=1',
+ 'last': 'https://test.page?page=3',
+ 'partOf': 'https://test.page',
+ 'totalItems': 1,
 'items': [{'in': 'valid'}],
 }
@@ -441,8 +447,9 @@ def test_collection_page_serializer_can_validate_child():
 context={'item_serializer': serializers.AudioSerializer}
 )
- assert serializer.is_valid() is False
- assert 'items' in serializer.errors
+ # child are validated but not included in data if not valid
+ assert serializer.is_valid(raise_exception=True) is True
+ assert len(serializer.validated_data['items']) == 0
 def test_collection_page_serializer(factories):
diff --git a/api/tests/federation/test_views.py b/api/tests/federation/test_views.py
index 8c5235b8bbeb0f8a42b5a79296d4902067312a2a..ae94bcdc02ab2e23704eb3622ec311128713e9ce 100644
--- a/api/tests/federation/test_views.py
+++ b/api/tests/federation/test_views.py
@@ -43,7 +43,7 @@ def test_instance_endpoints_405_if_federation_disabled(
 def test_wellknown_webfinger_validates_resource(
- db, api_client, settings, mocker):
+ db, api_client, settings, mocker):
 clean = mocker.spy(webfinger, 'clean_resource')
 url = reverse('federation:well-known-webfinger')
 response = api_client.get(url, data={'resource': 'something'})
diff --git a/changes/changelog.d/federation-1.bugfix b/changes/changelog.d/federation-1.bugfix
new file mode 100644
index 0000000000000000000000000000000000000000..371208e0e0738ae48dda3e7766c0562de9911ddb
--- /dev/null
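Review bot: In api/tests/federation/test_serializers.py, the rewritten assertions at the end of test_collection_page_serializer_can_validate_child only cover a page whose single item is invalid, so they would still pass if the serializer discarded every child. These pages presumably arrive from remote instances, so a companion case with one valid and one invalid item would pin that only the malformed child is dropped and the valid one stays in `validated_data['items']`. The payload built in the first hunk declares `'totalItems': 1` while the validated list ends up empty; if that mismatch is intended, a comment such as `# totalItems is not reconciled with the filtered items` would record it. The added comment would read more clearly as `# children are validated; invalid ones are left out of validated_data`. The serializer construction sits between the two hunks and is not visible here.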
+++ b/changes/changelog.d/federation-1.bugfix
@@ -0,0 +1 @@
+Fixed broken permission check on library scanning and too aggressive page validation