diff --git a/llm_team_ui.py b/llm_team_ui.py
index 3f368d9..5e258f6 100644
--- a/llm_team_ui.py
+++ b/llm_team_ui.py
@@ -78,9 +78,10 @@ DEMO_ALLOWED_POSTS = {
 }
 
 # Routes that demo users CANNOT touch (destructive writes)
+# Note: /api/demo/toggle is NOT blocked here — it has its own admin check
 DEMO_BLOCKED_POSTS = {
     "/api/admin/config", "/api/admin/test-provider", "/api/admin/security/ban",
-    "/api/admin/security/mass-ban", "/api/demo/toggle", "/api/demo/allowlist",
+    "/api/admin/security/mass-ban", "/api/demo/allowlist",
     "/api/runs/bulk-archive", "/api/meta-pipeline",
 }