diff --git a/src/modules/expenses/components/AccountSelector.vue b/src/modules/expenses/components/AccountSelector.vue
index 18d6c3b..2d92207 100644
--- a/src/modules/expenses/components/AccountSelector.vue
+++ b/src/modules/expenses/components/AccountSelector.vue
@@ -212,10 +212,14 @@ async function loadAccounts() {
 throw new Error('No wallet available. Please log in.')
 }
 
+ // Filter by user permissions to only show authorized accounts
 accountHierarchy.value = await expensesAPI.getAccountHierarchy(
 wallet.inkey,
- props.rootAccount
+ props.rootAccount,
+ true // filterByUser
 )
+
+ console.log('[AccountSelector] Loaded user-authorized accounts:', accountHierarchy.value)
 } catch (err) {
 error.value = err instanceof Error ? err.message : 'Failed to load accounts'
 console.error('[AccountSelector] Error loading accounts:', err)
diff --git a/src/modules/expenses/services/ExpensesAPI.ts b/src/modules/expenses/services/ExpensesAPI.ts
index 08fcd6e..973c5af 100644
--- a/src/modules/expenses/services/ExpensesAPI.ts
+++ b/src/modules/expenses/services/ExpensesAPI.ts
@@ -46,12 +46,17 @@ export class ExpensesAPI extends BaseService {
 /**
 * Get all accounts from castle
 *
- * Note: Currently returns all accounts. Once castle API implements
- * user permissions, use filter_by_user=true parameter.
+ * @param walletKey - Wallet key for authentication
+ * @param filterByUser - If true, only return accounts the user has permissions for
 */
- async getAccounts(walletKey: string): Promise {
+ async getAccounts(walletKey: string, filterByUser: boolean = false): Promise {
 try {
- const response = await fetch(`${this.baseUrl}/castle/api/v1/accounts`, {
+ const url = new URL(`${this.baseUrl}/castle/api/v1/accounts`)
+ if (filterByUser) {
+ url.searchParams.set('filter_by_user', 'true')
+ }
+
+ const response = await fetch(url.toString(), {
 method: 'GET',
 headers: this.getHeaders(walletKey),
 signal: AbortSignal.timeout(this.config?.apiConfig?.timeout || 30000)
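Review bot: The added `console.log('[AccountSelector] Loaded user-authorized accounts:', accountHierarchy.value)` in loadAccounts writes the whole account hierarchy to the browser console on every load, where it can be read by anything else with access to the console output. I would drop the line, or log only that the load finished, e.g. `console.debug('[AccountSelector] accounts loaded')`. The comment above the call also overstates what the component does: it only passes `true` for `filterByUser`, so `// Ask the API to return only accounts this user is permitted to use` would be more accurate. loadAccounts starts and ends outside the hunk.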
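Review bot: `filterByUser` defaults to `false` in `getAccounts` (and again in `getAccountHierarchy` in the next hunk), so any caller that is not updated keeps receiving the unfiltered list, and the restriction is only a query parameter the client chooses to send. Unless the castle API enforces per-user permissions on this endpoint by itself (not visible here), the flag is a display filter, not an access control, and the doc comment should say so, e.g. `@param filterByUser - Asks the server to return only accounts the user has permissions for; not an access control by itself`. Consider making `true` the default and having the callers that need the full list pass `false` explicitly. Separately, `new URL(...)` throws a TypeError when `this.baseUrl` is empty or relative, which the previous `fetch` call may have accepted, so it is worth confirming that `baseUrl` is always absolute.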
@@ -74,9 +79,17 @@ export class ExpensesAPI extends BaseService {
 *
 * Converts flat account list to nested tree based on colon-separated names
 * e.g., "Expenses:Groceries:Organic" becomes nested structure
+ *
+ * @param walletKey - Wallet key for authentication
+ * @param rootAccount - Optional root account to filter by (e.g., "Expenses")
+ * @param filterByUser - If true, only return accounts the user has permissions for
 */
- async getAccountHierarchy(walletKey: string, rootAccount?: string): Promise {
- const accounts = await this.getAccounts(walletKey)
+ async getAccountHierarchy(
+ walletKey: string,
+ rootAccount?: string,
+ filterByUser: boolean = false
+ ): Promise {
+ const accounts = await this.getAccounts(walletKey, filterByUser)
 
 // Filter by root account if specified
 let filteredAccounts = accounts