diff --git a/modoboa/admin/templates/admin/domain_detail.html b/modoboa/admin/templates/admin/domain_detail.html
index 50f689dcf..45264cf88 100644
--- a/modoboa/admin/templates/admin/domain_detail.html
+++ b/modoboa/admin/templates/admin/domain_detail.html
@@ -125,7 +125,7 @@ <h3 class="panel-title">
                 {% trans "Show key" %}
               </button>
               <button data-toggle="modal" class="btn btn-default btn-xs" data-target="#dkim_regenerate_dialog"><span class="fa fa-refresh"></span></button>
-              
+
               <div class="modal fade" id="dkim_regenerate_dialog" tabindex="-1" role="dialog" aria-labelledby="dkim_regenerate_dialog" aria-hidden="true">
                 <div class="modal-dialog" role="document">
                     <div class="modal-content">
@@ -206,6 +206,16 @@ <h5 class="modal-title" id="dkim_regenerate_dialog">{% trans "Warning" %}</h5>
               window.location.reload();
           });
       });
+      $('a[name="removeperm"]').click(function (evt) {
+          evt.preventDefault();
+          var $this = $(this);
+          $.ajax({
+              url: $this.attr('href'),
+              method: 'DELETE'
+          }).done(function () {
+              window.location.reload();
+          });
+      });
   });
   function copy(id) {
     navigator.clipboard.writeText(document.getElementById(id).textContent);
diff --git a/modoboa/admin/views/identity.py b/modoboa/admin/views/identity.py
index eb6643e2f..8140d93ad 100644
--- a/modoboa/admin/views/identity.py
+++ b/modoboa/admin/views/identity.py
@@ -196,6 +196,7 @@ def delaccount(request, pk):
 
 @login_required
 @permission_required("admin.add_domain")
+@require_http_methods(["DELETE"])
 def remove_permission(request):
     domid = request.GET.get("domid", None)
     daid = request.GET.get("daid", None)
diff --git a/modoboa/limits/tests/test_user_limits.py b/modoboa/limits/tests/test_user_limits.py
index 8151cae23..4f6c1c473 100644
--- a/modoboa/limits/tests/test_user_limits.py
+++ b/modoboa/limits/tests/test_user_limits.py
@@ -366,7 +366,7 @@ def test_sadmin_removes_ownership(self):
         dom = Domain.objects.get(name="domain.tld")
         self.client.logout()
         self.client.login(username="admin", password="password")
-        self.ajax_get(
+        self.ajax_delete(
             "{0}?domid={1}&daid={2}".format(
                 reverse("admin:permission_remove"),
                 dom.id, self.user.id