diff --git a/server/graphql/common/expenses.ts b/server/graphql/common/expenses.ts
index a5772e90394..5792fe4ab57 100644
--- a/server/graphql/common/expenses.ts
+++ b/server/graphql/common/expenses.ts
@@ -397,6 +397,8 @@ export const canSeeExpenseInvoiceInfo: ExpensePermissionEvaluator = async (
 ) => {
   if (!validateExpenseScope(req)) {
     return false;
+  } else if (getContextPermission(req, PERMISSION_TYPE.SEE_EXPENSE_DRAFT_PRIVATE_DETAILS, expense.id)) {
+    return true;
   }
 
   return remoteUserMeetsOneCondition(
diff --git a/server/graphql/v2/object/Expense.ts b/server/graphql/v2/object/Expense.ts
index a82b6d8f1d3..c73e4e55ff1 100644
--- a/server/graphql/v2/object/Expense.ts
+++ b/server/graphql/v2/object/Expense.ts
@@ -129,6 +129,11 @@ export const GraphQLExpense = new GraphQLObjectType<ExpenseModel, Express.Reques
       reference: {
         type: GraphQLString,
         description: 'User-provided reference number or any other identifier that references the invoice',
+        async resolve(expense, _, req) {
+          if (await ExpenseLib.canSeeExpenseInvoiceInfo(req, expense)) {
+            return expense.reference;
+          }
+        },
       },
       amount: {
         type: new GraphQLNonNull(GraphQLInt),