diff --git a/src/Api/Controllers/PoliciesController.cs b/src/Api/Controllers/PoliciesController.cs
index c5f083de62..91291a769d 100644
--- a/src/Api/Controllers/PoliciesController.cs
+++ b/src/Api/Controllers/PoliciesController.cs
@@ -106,6 +106,32 @@ namespace Bit.Api.Controllers
             return new ListResponseModel<PolicyResponseModel>(responses);
         }
 
+        [AllowAnonymous]
+        [HttpGet("invited-user")]
+        public async Task<ListResponseModel<PolicyResponseModel>> GetByInvitedUser(string orgId, [FromQuery] string userId)
+        {
+            var user = await _userService.GetUserByIdAsync(new Guid(userId));
+            if (user == null)
+            {
+                throw new UnauthorizedAccessException();
+            }
+            var orgIdGuid = new Guid(orgId);
+            var orgUsersByUserId = await _organizationUserRepository.GetManyByUserAsync(user.Id);
+            var orgUser = orgUsersByUserId.SingleOrDefault(u => u.OrganizationId == orgIdGuid);
+            if (orgUser == null)
+            {
+                throw new NotFoundException();
+            }
+            if (orgUser.Status != OrganizationUserStatusType.Invited)
+            {
+                throw new UnauthorizedAccessException();
+            }
+
+            var policies = await _policyRepository.GetManyByOrganizationIdAsync(orgIdGuid);
+            var responses = policies.Where(p => p.Enabled).Select(p => new PolicyResponseModel(p));
+            return new ListResponseModel<PolicyResponseModel>(responses);
+        }
+
         [HttpPut("{type}")]
         public async Task<PolicyResponseModel> Put(string orgId, int type, [FromBody] PolicyRequestModel model)
         {
diff --git a/src/Api/Models/Request/PolicyRequestModel.cs b/src/Api/Models/Request/PolicyRequestModel.cs
index 1f17d6f363..c61ad1aa03 100644
--- a/src/Api/Models/Request/PolicyRequestModel.cs
+++ b/src/Api/Models/Request/PolicyRequestModel.cs
@@ -1,9 +1,9 @@
 using System;
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
+using System.Text.Json;
 using Bit.Core.Enums;
 using Bit.Core.Models.Table;
-using Newtonsoft.Json;
 
 namespace Bit.Api.Models.Request
 {
@@ -27,7 +27,7 @@ namespace Bit.Api.Models.Request
         public Policy ToPolicy(Policy existingPolicy)
         {
             existingPolicy.Enabled = Enabled.GetValueOrDefault();
-            existingPolicy.Data = Data != null ? JsonConvert.SerializeObject(Data) : null;
+            existingPolicy.Data = Data != null ? JsonSerializer.Serialize(Data) : null;
             return existingPolicy;
         }
     }