diff --git a/wizard-server/src/Wizard/Service/User/UserService.hs b/wizard-server/src/Wizard/Service/User/UserService.hs
index a64ed4f17..efd31a15d 100644
--- a/wizard-server/src/Wizard/Service/User/UserService.hs
+++ b/wizard-server/src/Wizard/Service/User/UserService.hs
@@ -77,6 +77,7 @@ createUserByAdmin :: UserCreateDTO -> AppContextM UserDTO
 createUserByAdmin reqDto =
   runInTransaction $ do
     checkPermission _UM_PERM
+    checkIfAdminIsDisabled
     uUuid <- liftIO generateUuid
     tenantUuid <- asks currentTenantUuid
     clientUrl <- getClientUrl
@@ -97,6 +98,7 @@ createUserByAdminWithUuid reqDto uUuid tenantUuid clientUrl shouldSendRegistrati
 registerUser :: UserCreateDTO -> AppContextM UserDTO
 registerUser reqDto =
   runInTransaction $ do
+    checkIfAdminIsDisabled
     checkIfRegistrationIsEnabled
     uUuid <- liftIO generateUuid
     uPasswordHash <- generatePasswordHash reqDto.password
@@ -111,6 +113,7 @@ registerUser reqDto =
 createUser :: UserCreateDTO -> U.UUID -> String -> String -> [String] -> U.UUID -> String -> Bool -> AppContextM UserDTO
 createUser reqDto uUuid uPasswordHash uRole uPermissions tenantUuid clientUrl shouldSendRegistrationEmail =
   runInTransaction $ do
+    checkIfAdminIsDisabled
     checkUserLimit
     checkActiveUserLimit
     validateUserEmailUniqueness reqDto.email tenantUuid
@@ -276,6 +279,7 @@ deleteUser :: U.UUID -> AppContextM ()
 deleteUser userUuid =
   runInTransaction $ do
     checkPermission _UM_PERM
+    checkIfAdminIsDisabled
     _ <- findUserByUuid userUuid
     deleteAuditByCreatedBy userUuid
     clearBranchCreatedBy userUuid
@@ -321,3 +325,6 @@ sendAnalyticsEmailIfEnabled user = do
 
 checkIfRegistrationIsEnabled =
   checkIfTenantFeatureIsEnabled "Registration" (\c -> c.authentication.internal.registration.enabled)
+
+checkIfAdminIsDisabled =
+  checkIfServerFeatureIsEnabled "User Management Endpoints" (\s -> not s.admin.enabled)