diff --git a/docs/releases.md b/docs/releases.md
index 6641c580..6c3aa94a 100644
--- a/docs/releases.md
+++ b/docs/releases.md
@@ -1787,4 +1787,8 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release
 
 ## Not released yet
 
-Nothing to see here.
\ No newline at end of file
+### ntfy server v2.20.x (UNRELEASED)
+
+**Bug fixes + maintenance:**
+
+* Route authorization query to read-only database replica to reduce primary database load
diff --git a/user/manager.go b/user/manager.go
index bc1a13d3..28243a24 100644
--- a/user/manager.go
+++ b/user/manager.go
@@ -642,7 +642,7 @@ func (a *Manager) AllowReservation(username string, topic string) error {
 // - Furthermore, the query prioritizes more specific permissions (longer!) over more generic ones, e.g. "test*" > "*"
 // - It also prioritizes write permissions over read permissions
 func (a *Manager) authorizeTopicAccess(usernameOrEveryone, topic string) (read, write, found bool, err error) {
-	rows, err := a.db.Query(a.queries.selectTopicPerms, Everyone, usernameOrEveryone, topic)
+	rows, err := a.db.ReadOnly().Query(a.queries.selectTopicPerms, Everyone, usernameOrEveryone, topic)
 	if err != nil {
 		return false, false, false, err
 	}