diff --git a/apps/federatedfilesharing/lib/FederatedShareProvider.php b/apps/federatedfilesharing/lib/FederatedShareProvider.php
index 762b015d280..91398f4af35 100644
--- a/apps/federatedfilesharing/lib/FederatedShareProvider.php
+++ b/apps/federatedfilesharing/lib/FederatedShareProvider.php
@@ -313,9 +313,33 @@ class FederatedShareProvider implements IShareProvider {
 				->set('uid_initiator', $qb->createNamedParameter($share->getSharedBy()))
 				->execute();
 
+		// send the updated permission to the owner/initiator, if they are not the same
+		if ($share->getShareOwner() !== $share->getSharedBy()) {
+			$this->sendPermissionUpdate($share);
+		}
+
 		return $share;
 	}
 
+	/**
+	 * send the updated permission to the owner/initiator, if they are not the same
+	 *
+	 * @param IShare $share
+	 * @throws ShareNotFound
+	 * @throws \OC\HintException
+	 */
+	protected function sendPermissionUpdate(IShare $share) {
+		$remoteId = $this->getRemoteId($share);
+		// if the local user is the owner we send the permission change to the initiator
+		if ($this->userManager->userExists($share->getShareOwner())) {
+			list(, $remote) = $this->addressHandler->splitUserRemote($share->getSharedBy());
+		} else { // ... if not we send the permission change to the owner
+			list(, $remote) = $this->addressHandler->splitUserRemote($share->getShareOwner());
+		}
+		$this->notifications->sendPermissionChange($remote, $remoteId, $share->getToken(), $share->getPermissions());
+	}
+
+
 	/**
 	 * update successful reShare with the correct token
 	 *
diff --git a/apps/federatedfilesharing/lib/Notifications.php b/apps/federatedfilesharing/lib/Notifications.php
index c65da212aad..ef59d0a5fdc 100644
--- a/apps/federatedfilesharing/lib/Notifications.php
+++ b/apps/federatedfilesharing/lib/Notifications.php
@@ -183,7 +183,7 @@ class Notifications {
 	 * @return bool
 	 */
 	public function sendPermissionChange($remote, $remoteId, $token, $permissions) {
-		$this->sendUpdateToRemote($remote, $remoteId, $token, ['permissions' => $permissions]);
+		$this->sendUpdateToRemote($remote, $remoteId, $token, 'permissions', ['permissions' => $permissions]);
 	}
 
 	/**
@@ -222,6 +222,10 @@ class Notifications {
 	public function sendUpdateToRemote($remote, $remoteId, $token, $action, $data = [], $try = 0) {
 
 		$fields = array('token' => $token);
+		foreach ($data as $key => $value) {
+			$fields[$key] = $value;
+		}
+
 		$url = $this->addressHandler->removeProtocolFromUrl($remote);
 		$result = $this->tryHttpPostToShareEndpoint(rtrim($url, '/'), '/' . $remoteId . '/' . $action, $fields);
 		$status = json_decode($result['result'], true);
diff --git a/apps/federatedfilesharing/lib/RequestHandler.php b/apps/federatedfilesharing/lib/RequestHandler.php
index b6630496dcb..cefa5be1d38 100644
--- a/apps/federatedfilesharing/lib/RequestHandler.php
+++ b/apps/federatedfilesharing/lib/RequestHandler.php
@@ -537,28 +537,44 @@ class RequestHandler {
 
 	/**
 	 * update share information to keep federated re-shares in sync
+	 *
+	 * @param array $params
+	 * @return \OC_OCS_Result
 	 */
-	public function update() {
+	public function updatePermissions($params) {
+		$id = (int)$params['id'];
 		$token = $this->request->getParam('token', null);
-		$data = $this->request->getParam('data', []);
-
-		$dataArray = json_decode($data, true);
+		$permissions = $this->request->getParam('permissions', null);
 
 		try {
-			$share = $this->federatedShareProvider->getShareByToken($token);
+			$share = $this->federatedShareProvider->getShareById($id);
 		} catch (Share\Exceptions\ShareNotFound $e) {
 			return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST);
 		}
 
-		if (isset($dataArray['decline'])) {
-			$this->executeDeclineShare($share);
-		}
-
-		if (isset($dataArray['accept'])) {
-			$this->executeAcceptShare($share);
+		$validPermission = ctype_digit($permissions);
+		$validToken = $this->verifyShare($share, $token);
+		if ($validPermission && $validToken) {
+			$this->updatePermissionsInDatabase($share, (int)$permissions);
+		} else {
+			return new \OC_OCS_Result(null, Http::STATUS_BAD_REQUEST);
 		}
 
 		return new \OC_OCS_Result();
 	}
 
+	/**
+	 * update permissions in database
+	 *
+	 * @param IShare $share
+	 * @param int $permissions
+	 */
+	protected function updatePermissionsInDatabase(IShare $share, $permissions) {
+		$query = $this->connection->getQueryBuilder();
+		$query->update('share')
+			->where($query->expr()->eq('id', $query->createNamedParameter($share->getId())))
+			->set('permissions', $query->createNamedParameter($permissions))
+			->execute();
+	}
+
 }
diff --git a/ocs/routes.php b/ocs/routes.php
index 1f9fd0037e2..7f4f78dd35d 100644
--- a/ocs/routes.php
+++ b/ocs/routes.php
@@ -135,7 +135,7 @@ if (\OC::$server->getAppManager()->isEnabledForUser('files_sharing')) {
 
 	API::register('post',
 		'/cloud/shares/{id}/permissions',
-		array($s2s, 'update'),
+		array($s2s, 'updatePermissions'),
 		'files_sharing',
 		API::GUEST_AUTH
 	);