diff --git a/app/bundles/ApiBundle/Controller/FetchCommonApiController.php b/app/bundles/ApiBundle/Controller/FetchCommonApiController.php
index cd01152f1ce..675e21b4ea7 100644
--- a/app/bundles/ApiBundle/Controller/FetchCommonApiController.php
+++ b/app/bundles/ApiBundle/Controller/FetchCommonApiController.php
@@ -453,7 +453,7 @@ protected function badRequest($msg = 'mautic.core.error.badrequest')
 */
 protected function checkEntityAccess($entity, $action = 'view')
 {
- if ('create' != $action && method_exists($entity, 'getCreatedBy')) {
+ if ('create' !== $action && is_object($entity) && method_exists($entity, 'getCreatedBy')) {
 $ownPerm = "{$this->permissionBase}:{$action}own";
 $otherPerm = "{$this->permissionBase}:{$action}other";
diff --git a/app/bundles/LeadBundle/Tests/Controller/Api/DeviceApiControllerFunctionalTest.php b/app/bundles/LeadBundle/Tests/Controller/Api/DeviceApiControllerFunctionalTest.php
new file mode 100644
index 00000000000..4ca2c943f65
--- /dev/null
+++ b/app/bundles/LeadBundle/Tests/Controller/Api/DeviceApiControllerFunctionalTest.php
@@ -0,0 +1,33 @@
+em->persist($contact);
+ $this->em->flush();
+
+ $this->client->request(Request::METHOD_PUT, '/api/devices/99999/edit', [
+ 'device' => 'desktop',
+ 'deviceOsName' => 'Ubuntu',
+ 'deviceOsShortName' => 'UBT',
+ 'deviceOsPlatform' => 'x64',
+ 'lead' => $contact->getId(),
+ ]);
+
+ $clientResponse = $this->client->getResponse();
+
+ Assert::assertSame(Response::HTTP_CREATED, $clientResponse->getStatusCode());
+ }
+}
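Review bot: The added `is_object($entity)` guard in the `if` of checkEntityAccess() makes any non-object `$entity` skip the own/other ownership branch, and nothing at that line says which permission is enforced instead. The rest of the method lies outside the hunk, so please confirm that the fall-through path still checks a permission for `$action` and cannot grant access by default. I would document the intent above the condition, for example `// A non-object $entity has no owner to compare; skip the own/other check (method_exists() would throw on it).`. The docblock that closes just above the signature should also state which non-object values callers may pass.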
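Review bot: The only assertion in the new test is the 201 status code, so a failure gives no hint of the cause and the authorization outcome of the changed check is not pinned. Passing the body as the failure message would help: `Assert::assertSame(Response::HTTP_CREATED, $clientResponse->getStatusCode(), $clientResponse->getContent());`. Because the paired change touches an access check, a second case in which a user without the device permission sends the same PUT and is refused would guard against the non-object path becoming an unintended allow. The start of the test (class header and contact setup) is not visible on this page, so this applies only to the request and assertion shown.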