diff --git a/backend/app/api/endpoints/steps.py b/backend/app/api/endpoints/steps.py
index 14bc5a7c..992c1725 100644
--- a/backend/app/api/endpoints/steps.py
+++ b/backend/app/api/endpoints/steps.py
@@ -47,10 +47,10 @@ async def get_step_or_404(
         raise HTTPException(status_code=404, detail="Step not found")
 
     if check_view and not can_view_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to view this step")
+        raise HTTPException(status_code=404, detail="Step not found")
 
     if check_edit and not can_edit_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to modify this step")
+        raise HTTPException(status_code=404, detail="Step not found")
 
     return step