diff --git a/source/java/org/alfresco/rest/api/impl/PeopleImpl.java b/source/java/org/alfresco/rest/api/impl/PeopleImpl.java
index 18f716ba2d..1d0252d781 100644
--- a/source/java/org/alfresco/rest/api/impl/PeopleImpl.java
+++ b/source/java/org/alfresco/rest/api/impl/PeopleImpl.java
@@ -453,8 +453,7 @@ public class PeopleImpl implements People
 {
 MutableAuthenticationService mutableAuthenticationService = (MutableAuthenticationService) authenticationService;
- boolean isAdmin = authorityService.hasAdminAuthority();
- if (!isAdmin)
+ if (!isAdminAuthority())
 {
 throw new PermissionDeniedException();
 }
@@ -471,6 +470,11 @@ public class PeopleImpl implements People
 if (person.isEnabled() != null)
 {
+ if (isAdminAuthority(personIdToUpdate))
+ {
+ throw new PermissionDeniedException("Admin authority cannot be disabled.");
+ }
+
 mutableAuthenticationService.setAuthenticationEnabled(personIdToUpdate, person.isEnabled());
 }
@@ -488,4 +492,14 @@ public class PeopleImpl implements People
 return getPerson(personId);
 }
+
+ private boolean isAdminAuthority()
+ {
+ return authorityService.hasAdminAuthority();
+ }
+
+ private boolean isAdminAuthority(String authorityName)
+ {
+ return authorityService.isAdminAuthority(authorityName);
+ }
 }
diff --git a/source/test-java/org/alfresco/rest/api/tests/TestPeople.java b/source/test-java/org/alfresco/rest/api/tests/TestPeople.java
index 28a3cff48b..da2e0b0e06 100644
--- a/source/test-java/org/alfresco/rest/api/tests/TestPeople.java
+++ b/source/test-java/org/alfresco/rest/api/tests/TestPeople.java
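Review bot: The new guard inside the `person.isEnabled() != null` branch rejects every request that carries an `enabled` value for an admin authority, including `enabled: true`, so an attempt to (re-)enable an admin account also fails with a 403 whose message says it "cannot be disabled". If the intent is only to block disabling, narrow it to `if (isAdminAuthority(personIdToUpdate) && !person.isEnabled())` — the surrounding null check makes the unboxing safe. A why-comment would also help the next reader, e.g. `// Refuse to disable an account holding admin authority; presumably this prevents an administrator (possibly the caller) from locking out admin access.` The enclosing update method starts before and ends after this hunk.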
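Review bot: The two new private helpers share the name `isAdminAuthority` but answer different questions: the no-arg form wraps `authorityService.hasAdminAuthority()` and is about the currently authenticated caller, while the one-arg form wraps `authorityService.isAdminAuthority(authorityName)` and is about the named authority, so the call site `if (!isAdminAuthority())` in the first hunk does not read as a caller-permission check. Either rename the no-arg one, e.g. `private boolean currentUserHasAdminAuthority()`, and update the first hunk's call site, or give each a one-line Javadoc such as `/** @return whether the currently authenticated user holds admin authority. */` and `/** @return whether the named authority (the person id is passed here) is an admin authority. */`.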
@@ -645,6 +645,17 @@ public class TestPeople extends EnterpriseTestApi
 assertEquals(enabled, updatedPerson.isEnabled());
 }
+ @Test
+ public void testUpdatePersonDisableAdminNotAllowed() throws PublicApiException
+ {
+ publicApiClient.setRequestContext(new RequestContext(account3.getId(), account3Admin, "admin"));
+
+ Map params = new HashMap<>();
+ params.put("fields", "enabled");
+
+ people.update("people", account3Admin, null, null, "{\n" + " \"enabled\": \"" + false + "\"\n" + "}", params, "Expected 403 response when updating " + account3Admin, 403);
+ }
+
 @Test
 public void testUpdatePersonPasswordNonAdminNotAllowed() throws PublicApiException
 {
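Review bot: `Map params = new HashMap<>();` in the new test is a raw type, and with the diamond the element types are inferred as `Object`; declare it as `Map<String, String> params = new HashMap<>();` to match the `String` key and value it puts. The test also covers only `enabled: false`; since the implementation's guard fires on any non-null `enabled` value for an admin, a companion case sending `enabled: true` to `account3Admin` would pin down whether a 403 there is intended. Note that `"\"" + false + "\""` produces the JSON string `"false"` rather than the boolean `false` — presumably consistent with the sibling tests, but worth confirming it exercises the same parsing path as a real client.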