diff --git a/zerver/tests/test_bots.py b/zerver/tests/test_bots.py
index 95eec763c9..ed3e5bf232 100644
--- a/zerver/tests/test_bots.py
+++ b/zerver/tests/test_bots.py
@@ -487,7 +487,7 @@ class BotTest(ZulipTestCase, UploadSerializeMixin):
         bot = get_user(bot_email, realm)
         self.login(self.example_email("iago"))
         result = self.client_delete("/json/bots/{}".format(bot.id))
-        self.assert_json_error(result, 'Insufficient permission')
+        self.assert_json_error(result, 'No such bot')
 
     def test_bot_deactivation_attacks(self) -> None:
         """You cannot deactivate somebody else's bot."""
diff --git a/zerver/views/users.py b/zerver/views/users.py
index f1d740bf54..5a8ea27adb 100644
--- a/zerver/views/users.py
+++ b/zerver/views/users.py
@@ -63,7 +63,7 @@ def check_last_admin(user_profile: UserProfile) -> bool:
 def deactivate_bot_backend(request: HttpRequest, user_profile: UserProfile,
                            bot_id: int) -> HttpResponse:
     try:
-        target = get_user_profile_by_id(bot_id)
+        target = get_user_profile_by_id_in_realm(bot_id, user_profile.realm)
     except UserProfile.DoesNotExist:
         return json_error(_('No such bot'))
     if not target.is_bot:
@@ -170,7 +170,7 @@ def patch_bot_backend(
         default_all_public_streams: Optional[bool]=REQ(default=None, validator=check_bool)
 ) -> HttpResponse:
     try:
-        bot = get_user_profile_by_id(bot_id)
+        bot = get_user_profile_by_id_in_realm(bot_id, user_profile.realm)
     except UserProfile.DoesNotExist:
         return json_error(_('No such user'))
 
@@ -248,7 +248,7 @@ def patch_bot_backend(
 @has_request_variables
 def regenerate_bot_api_key(request: HttpRequest, user_profile: UserProfile, bot_id: int) -> HttpResponse:
     try:
-        bot = get_user_profile_by_id(bot_id)
+        bot = get_user_profile_by_id_in_realm(bot_id, user_profile.realm)
     except UserProfile.DoesNotExist:
         return json_error(_('No such user'))