diff --git a/tests/systemtests/authz_test.go b/tests/systemtests/authz_test.go
index 9e6f117bb905..58f1ab4b9722 100644
--- a/tests/systemtests/authz_test.go
+++ b/tests/systemtests/authz_test.go
@@ -50,6 +50,12 @@ func TestAuthzGrantTxCmd(t *testing.T) {
 	require.NotEqual(t, granterAddr, grantee5Addr)
 	grantee6Addr := cli.AddKey("grantee6")
 	require.NotEqual(t, granterAddr, grantee6Addr)
+	grantee7Addr := cli.AddKey("grantee7")
+	require.NotEqual(t, granterAddr, grantee7Addr)
+	grantee8Addr := cli.AddKey("grantee8")
+	require.NotEqual(t, granterAddr, grantee8Addr)
+	grantee9Addr := cli.AddKey("grantee9")
+	require.NotEqual(t, granterAddr, grantee9Addr)
 
 	systest.Sut.StartChain(t)
 
@@ -89,13 +95,6 @@ func TestAuthzGrantTxCmd(t *testing.T) {
 			"msg type cannot be empty",
 			true,
 		},
-		{
-			"delegate authorization without allow or deny list",
-			grantee1Addr,
-			[]string{"delegate"},
-			"both allowed & deny list cannot be empty",
-			false,
-		},
 		{
 			"delegate authorization with invalid allowed validator address",
 			grantee1Addr,
@@ -110,13 +109,6 @@ func TestAuthzGrantTxCmd(t *testing.T) {
 			"decoding bech32 failed",
 			false,
 		},
-		{
-			"unbond authorization without allow or deny list",
-			grantee1Addr,
-			[]string{"unbond"},
-			"both allowed & deny list cannot be empty",
-			false,
-		},
 		{
 			"unbond authorization with invalid allowed validator address",
 			grantee1Addr,
@@ -131,13 +123,6 @@ func TestAuthzGrantTxCmd(t *testing.T) {
 			"decoding bech32 failed",
 			false,
 		},
-		{
-			"redelegate authorization without allow or deny list",
-			grantee1Addr,
-			[]string{"redelegate"},
-			"both allowed & deny list cannot be empty",
-			false,
-		},
 		{
 			"redelegate authorization with invalid allowed validator address",
 			grantee1Addr,
@@ -181,19 +166,40 @@ func TestAuthzGrantTxCmd(t *testing.T) {
 			false,
 		},
 		{
-			"valid unbond authorization",
+			"valid delegate authorization without allow or deny list",
 			grantee5Addr,
+			[]string{"delegate", "--spend-limit=1000" + testDenom},
+			"",
+			false,
+		},
+		{
+			"valid unbond authorization",
+			grantee6Addr,
 			[]string{"unbond", "--deny-validators=" + valOperAddr},
 			"",
 			false,
 		},
+		{
+			"valid unbond authorization without allow or deny list",
+			grantee7Addr,
+			[]string{"unbond", "--spend-limit=1000" + testDenom},
+			"",
+			false,
+		},
 		{
 			"valid redelegate authorization",
-			grantee6Addr,
+			grantee8Addr,
 			[]string{"redelegate", "--allowed-validators=" + valOperAddr},
 			"",
 			false,
 		},
+		{
+			"valid redelegate authorization without allow or deny list",
+			grantee9Addr,
+			[]string{"redelegate", "--spend-limit=1000" + testDenom},
+			"",
+			false,
+		},
 	}
 
 	grantsCount := 0
diff --git a/x/authz/README.md b/x/authz/README.md
index 405bd5427e6a..9e7ac2502555 100644
--- a/x/authz/README.md
+++ b/x/authz/README.md
@@ -84,7 +84,7 @@ https://github.com/cosmos/cosmos-sdk/blob/v0.52.0-beta.1/x/bank/types/send_autho
 
 #### StakeAuthorization
 
-`StakeAuthorization` implements the `Authorization` interface for messages in the [staking module](https://docs.cosmos.network/main/build/modules/staking). It takes an `AuthorizationType` to specify whether you want to authorize delegation, undelegation, redelegation or cancel unbonding delegation, each of which must be authorized separately. It also takes an optional `MaxTokens` that keeps track of a limit to the amount of tokens that can be delegated/undelegated/redelegated. If left empty, the amount is unlimited. Additionally, this Msg takes an `AllowList` or a `DenyList`, enabling you to specify which validators the grantee can or cannot stake with.
+`StakeAuthorization` implements the `Authorization` interface for messages in the [staking module](https://docs.cosmos.network/main/build/modules/staking). It takes an `AuthorizationType` to specify whether you want to authorize delegation, undelegation, redelegation or cancel unbonding delegation, each of which must be authorized separately. It also takes an optional `MaxTokens` that keeps track of a limit to the amount of tokens that can be delegated/undelegated/redelegated. If left empty, the amount is unlimited. Additionally, this Msg takes an `AllowList` or a `DenyList`, enabling you to specify which validators the grantee can or cannot stake with. If both `AllowList` and `DenyList` are empty delegation to all validators is allowed.
 
 ```protobuf reference
 https://github.com/cosmos/cosmos-sdk/blob/v0.52.0-beta.1/x/staking/proto/cosmos/staking/v1beta1/authz.proto#L11-L34
diff --git a/x/staking/CHANGELOG.md b/x/staking/CHANGELOG.md
index 3844e017f14b..5d7f2f30daa3 100644
--- a/x/staking/CHANGELOG.md
+++ b/x/staking/CHANGELOG.md
@@ -54,7 +54,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 * [#18506](https://github.com/cosmos/cosmos-sdk/pull/18506) Detect the length of the ed25519 pubkey in CreateValidator to prevent panic.
 
 ### Bug Fixes
-
+* [#22527](https://github.com/cosmos/cosmos-sdk/pull/22527) Allow delegating `StakeAuthorization` to all validators by leaving `AllowList` and `DenyList` empty.
 * [#20688](https://github.com/cosmos/cosmos-sdk/pull/20688) Avoid overslashing unbonding delegations after a redelegation.
 * [#19226](https://github.com/cosmos/cosmos-sdk/pull/19226) Ensure `GetLastValidators` in `x/staking` does not return an error when `MaxValidators` exceeds total number of bonded validators.
 * [#23461](https://github.com/cosmos/cosmos-sdk/pull/23461) Fix `UpdateDescription` to correctly update the `Metadata` field.
diff --git a/x/staking/types/authz.go b/x/staking/types/authz.go
index 55194c0e28a2..ff9d9c9f2e85 100644
--- a/x/staking/types/authz.go
+++ b/x/staking/types/authz.go
@@ -166,10 +166,6 @@ func (a StakeAuthorization) Accept(ctx context.Context, msg sdk.Msg) (authz.Acce
 }
 
 func validateAllowAndDenyValidators(allowed, denied []sdk.ValAddress, valAddressCodec address.Codec) ([]string, []string, error) {
-	if len(allowed) == 0 && len(denied) == 0 {
-		return nil, nil, sdkerrors.ErrInvalidRequest.Wrap("both allowed & deny list cannot be empty")
-	}
-
 	if len(allowed) > 0 && len(denied) > 0 {
 		return nil, nil, sdkerrors.ErrInvalidRequest.Wrap("cannot set both allowed & deny list")
 	}
diff --git a/x/staking/types/authz_test.go b/x/staking/types/authz_test.go
index c4ab9dc7bbd8..027f07974b09 100644
--- a/x/staking/types/authz_test.go
+++ b/x/staking/types/authz_test.go
@@ -211,6 +211,21 @@ func TestAuthzAuthorizations(t *testing.T) {
 				}, MaxTokens: nil, AuthorizationType: stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE,
 			},
 		},
+		{
+			"delegate: testing empty denyList and allowList",
+			[]sdk.ValAddress{},
+			[]sdk.ValAddress{},
+			stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE,
+			nil,
+			stakingtypes.NewMsgDelegate(accAddressToString(t, delAddr), valAddressToString(t, val2), coin100),
+			false,
+			false,
+			&stakingtypes.StakeAuthorization{
+				Validators: &stakingtypes.StakeAuthorization_DenyList{
+					DenyList: &stakingtypes.StakeAuthorization_Validators{Address: []string{}},
+				}, MaxTokens: nil, AuthorizationType: stakingtypes.AuthorizationType_AUTHORIZATION_TYPE_DELEGATE,
+			},
+		},
 		{
 			"undelegate: expect 0 remaining coins",
 			[]sdk.ValAddress{val1, val2},