diff --git a/core/modules/rest/src/Plugin/rest/resource/EntityResource.php b/core/modules/rest/src/Plugin/rest/resource/EntityResource.php
index 1059bd4..0895385 100644
--- a/core/modules/rest/src/Plugin/rest/resource/EntityResource.php
+++ b/core/modules/rest/src/Plugin/rest/resource/EntityResource.php
@@ -7,10 +7,15 @@
 
 namespace Drupal\rest\Plugin\rest\resource;
 
+use Psr\Log\LoggerInterface;
+use Drupal\Core\Entity\ContentEntityInterface;
+use Drupal\Core\Entity\EntityDisplayBase;
+use Drupal\Core\Session\AccountProxyInterface;
 use Drupal\Core\Entity\EntityInterface;
 use Drupal\Core\Entity\EntityStorageException;
 use Drupal\rest\Plugin\ResourceBase;
 use Drupal\rest\ResourceResponse;
+use Symfony\Component\DependencyInjection\ContainerInterface;
 use Drupal\Component\Utility\String;
 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
@@ -35,6 +40,47 @@
 class EntityResource extends ResourceBase {
 
   /**
+    *  A curent user instance.
+    *
+    * @var \Drupal\Core\Session\AccountProxyInterface
+    */
+  protected $currentUser;
+
+ /**     * Constructs a Drupal\rest\Plugin\ResourceBase object.
+   *
+   * @param array $configuration
+   *   A configuration array containing information about the plugin instance.
+   * @param string $plugin_id
+   *   The plugin_id for the plugin instance.
+   * @param mixed $plugin_definition
+   *   The plugin implementation definition.
+   * @param array $serializer_formats
+   *   The available serialization formats.
+   * @param \Psr\Log\LoggerInterface $logger
+   *   A logger instance.
+   * @param \Drupal\Core\Session\AccountProxyInterface $current_user
+   *   A curent user instance.
+   */
+   public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger, AccountProxyInterface $current_user) {
+     parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger);
+     $this->currentUser = $current_user;
+   }
+
+   /**
+    * {@inheritdoc}
+    */
+   public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
+     return new static(
+       $configuration,
+       $plugin_id,
+       $plugin_definition,
+       $container->getParameter('serializer.formats'),
+       $container->get('logger.factory')->get('rest'),
+       $container->get('current_user')
+     );
+   }
+
+  /**
    * Responds to entity GET requests.
    *
    * @param \Drupal\Core\Entity\EntityInterface $entity
@@ -46,12 +92,25 @@ class EntityResource extends ResourceBase {
    * @throws \Symfony\Component\HttpKernel\Exception\HttpException
    */
   public function get(EntityInterface $entity) {
-    if (!$entity->access('view')) {
-      throw new AccessDeniedHttpException();
+    // Validate access only for entities extending Content Entity Interface.
+    if ($entity instanceof ContentEntityInterface) {
+      if (!$entity->access('view')) {
+        throw new AccessDeniedHttpException();
+      }
+
+      foreach ($entity as $field_name => $field) {
+        if (!$field->access('view')) {
+          unset($entity->{$field_name});
+        }
+      }
     }
-    foreach ($entity as $field_name => $field) {
-      if (!$field->access('view')) {
-        unset($entity->{$field_name});
+
+   // Validate if current has permit to get Entity Display entities.
+   else if ($entity instanceof EntityDisplayBase) {
+     $plugin_definition = $this->getPluginDefinition();
+     $permission = "restful get {$plugin_definition['id']}";
+     if(!$this->currentUser->hasPermission($permission)) {
+       throw new AccessDeniedHttpException();
       }
     }
     return new ResourceResponse($entity);