diff --git a/src/TickerQ.Dashboard/Authentication/AuthConfig.cs b/src/TickerQ.Dashboard/Authentication/AuthConfig.cs
index 76c5219a..2e5c4e5f 100644
--- a/src/TickerQ.Dashboard/Authentication/AuthConfig.cs
+++ b/src/TickerQ.Dashboard/Authentication/AuthConfig.cs
@@ -32,6 +32,11 @@ public class AuthConfig
     /// </summary>
     public int SessionTimeoutMinutes { get; set; } = 60;
     
+    /// <summary>
+    /// Authorization policy name for Host mode (default: null uses the default policy)
+    /// </summary>
+    public string? HostAuthorizationPolicy { get; set; }
+    
     /// <summary>
     /// Whether authentication is enabled
     /// </summary>
diff --git a/src/TickerQ.Dashboard/DashboardOptionsBuilder.cs b/src/TickerQ.Dashboard/DashboardOptionsBuilder.cs
index 49e3d80b..612a6459 100644
--- a/src/TickerQ.Dashboard/DashboardOptionsBuilder.cs
+++ b/src/TickerQ.Dashboard/DashboardOptionsBuilder.cs
@@ -60,9 +60,11 @@ public DashboardOptionsBuilder WithApiKey(string apiKey)
     }
     
     /// <summary>Use the host application's existing authentication system</summary>
-    public DashboardOptionsBuilder WithHostAuthentication()
+    /// <param name="policy">Optional authorization policy name to require (e.g., "AdminPolicy"). If null or empty, uses the default policy.</param>
+    public DashboardOptionsBuilder WithHostAuthentication(string? policy = null)
     {
         Auth.Mode = AuthMode.Host;
+        Auth.HostAuthorizationPolicy = policy;
         return this;
     }
     
diff --git a/src/TickerQ.Dashboard/Endpoints/DashboardEndpoints.cs b/src/TickerQ.Dashboard/Endpoints/DashboardEndpoints.cs
index b70b36ae..7d98c60a 100644
--- a/src/TickerQ.Dashboard/Endpoints/DashboardEndpoints.cs
+++ b/src/TickerQ.Dashboard/Endpoints/DashboardEndpoints.cs
@@ -45,8 +45,15 @@ public static void MapDashboardEndpoints<TTimeTicker, TCronTicker>(this IEndpoin
         // Apply authentication if configured
         if (config.Auth.Mode == AuthMode.Host)
         {
-            // For host authentication, use default authorization
-            apiGroup.RequireAuthorization();
+            // For host authentication, use configured policy or default authorization
+            if (!string.IsNullOrEmpty(config.Auth.HostAuthorizationPolicy))
+            {
+                apiGroup.RequireAuthorization(config.Auth.HostAuthorizationPolicy);
+            }
+            else
+            {
+                apiGroup.RequireAuthorization();
+            }
         }
         // For other auth modes (Basic, Bearer, Custom), authentication is handled by AuthMiddleware
         // API endpoints are automatically protected when auth is enabled
diff --git a/src/TickerQ.Dashboard/README.md b/src/TickerQ.Dashboard/README.md
index ce8a45b7..a2b02eea 100644
--- a/src/TickerQ.Dashboard/README.md
+++ b/src/TickerQ.Dashboard/README.md
@@ -48,11 +48,22 @@ services.AddTickerQ<MyTimeTicker, MyCronTicker>(config =>
 });
 ```
 
+### Use Host Authentication with Custom Policy
+```csharp
+services.AddTickerQ<MyTimeTicker, MyCronTicker>(config =>
+{
+    config.AddDashboard(dashboard =>
+    {
+        dashboard.WithHostAuthentication("AdminPolicy");
+    });
+});
+```
+
 ## 🔧 Fluent API Methods
 
 - `WithBasicAuth(username, password)` - Enable username/password authentication
 - `WithApiKey(apiKey)` - Enable API key authentication  
-- `WithHostAuthentication()` - Use your app's existing auth
+- `WithHostAuthentication(policy)` - Use your app's existing auth with optional policy (e.g., "AdminPolicy")
 - `SetBasePath(path)` - Set dashboard URL path
 - `SetBackendDomain(domain)` - Set backend API domain
 - `SetCorsPolicy(policy)` - Configure CORS