diff --git a/docs/release-notes/version-2.8.md b/docs/release-notes/version-2.8.md
index 219f94e23..d179dd31c 100644
--- a/docs/release-notes/version-2.8.md
+++ b/docs/release-notes/version-2.8.md
@@ -14,6 +14,7 @@
 * [#4725](https://github.com/netbox-community/netbox/issues/4725) - Fix "brief" rendering of various REST API endpoints
 * [#4736](https://github.com/netbox-community/netbox/issues/4736) - Add cable trace endpoints for pass-through ports
 * [#4737](https://github.com/netbox-community/netbox/issues/4737) - Fix display of role labels in virtual machines table
+* [#4743](https://github.com/netbox-community/netbox/issues/4743) - Allow users to create "next available" IPs without needing permission to create prefixes
 
 ---
 
diff --git a/netbox/ipam/api/views.py b/netbox/ipam/api/views.py
index 076e1f86f..c741ad0f4 100644
--- a/netbox/ipam/api/views.py
+++ b/netbox/ipam/api/views.py
@@ -90,10 +90,6 @@ class PrefixViewSet(CustomFieldModelViewSet):
 
         if request.method == 'POST':
 
-            # Permissions check
-            if not request.user.has_perm('ipam.add_prefix'):
-                raise PermissionDenied()
-
             # Validate Requested Prefixes' length
             serializer = serializers.PrefixLengthSerializer(
                 data=request.data if isinstance(request.data, list) else [request.data],
@@ -157,7 +153,7 @@ class PrefixViewSet(CustomFieldModelViewSet):
     @swagger_auto_schema(method='get', responses={200: serializers.AvailableIPSerializer(many=True)})
     @swagger_auto_schema(method='post', responses={201: serializers.AvailableIPSerializer(many=True)},
                          request_body=serializers.AvailableIPSerializer(many=False))
-    @action(detail=True, url_path='available-ips', methods=['get', 'post'])
+    @action(detail=True, url_path='available-ips', methods=['get', 'post'], queryset=IPAddress.objects.all())
     @advisory_lock(ADVISORY_LOCK_KEYS['available-ips'])
     def available_ips(self, request, pk=None):
         """
@@ -173,10 +169,6 @@ class PrefixViewSet(CustomFieldModelViewSet):
         # Create the next available IP within the prefix
         if request.method == 'POST':
 
-            # Permissions check
-            if not request.user.has_perm('ipam.add_ipaddress'):
-                raise PermissionDenied()
-
             # Normalize to a list of objects
             requested_ips = request.data if isinstance(request.data, list) else [request.data]