diff --git a/lib/mv/authorization/checks/custom_field_value_create_scope.ex b/lib/mv/authorization/checks/custom_field_value_create_scope.ex index f5be53d..0b24e74 100644 --- a/lib/mv/authorization/checks/custom_field_value_create_scope.ex +++ b/lib/mv/authorization/checks/custom_field_value_create_scope.ex @@ -8,6 +8,14 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do (PermissionSets + :linked/:all) but only implements strict_check, so it never adds a filter. + ## member_id source + + The check reads `member_id` from the create changeset via + `Ash.Changeset.get_argument_or_attribute/2`, so it works when member_id + is set as an attribute or as an action argument. The CustomFieldValue + resource's default create action must accept and require `member_id` + (e.g. via `default_accept [:value, :member_id, :custom_field_id]`). + Used in CustomFieldValue policies: policy action_type(:create) do authorize_if Mv.Authorization.Checks.CustomFieldValueCreateScope @@ -15,7 +23,6 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do """ use Ash.Policy.Check alias Mv.Authorization.PermissionSets - require Logger @impl true def describe(_opts), @@ -53,8 +60,8 @@ defmodule Mv.Authorization.Checks.CustomFieldValueCreateScope do defp get_create_member_id(authorizer) do changeset = authorizer.changeset || authorizer.subject - if changeset && function_exported?(Ash.Changeset, :get_attribute, 2) do - Ash.Changeset.get_attribute(changeset, :member_id) + if changeset && function_exported?(Ash.Changeset, :get_argument_or_attribute, 2) do + Ash.Changeset.get_argument_or_attribute(changeset, :member_id) else nil end
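Review bot: In `get_create_member_id/1` (last hunk) the id that is authorized can now differ from the id that is stored, because `Ash.Changeset.get_argument_or_attribute/2` returns the argument first and only falls back to the attribute. An action that declares a `member_id` argument while also accepting the attribute would be checked against one id and could persist another. If no action does that today, a comment is enough, e.g. `# member_id must never be both an argument and an accepted attribute on the same action; the check authorizes whichever value this call returns`, and the moduledoc paragraph added in the first hunk should state the same precedence. The `function_exported?(Ash.Changeset, :get_argument_or_attribute, 2)` guard is also worth dropping, since it returns false when the module has not been loaded yet and would silently turn the id into `nil`. How `nil` is handled is decided by the caller, outside this hunk, and should end in a forbid; matching on the struct instead (`%Ash.Changeset{} = changeset -> Ash.Changeset.get_argument_or_attribute(changeset, :member_id)`) keeps the non-changeset case explicit.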