diff --git a/data/model.py b/data/model.py index 9846426b6..6566f7ad4 100644 --- a/data/model.py +++ b/data/model.py @@ -14,8 +14,11 @@ class DataModelException(Exception): def create_user(username, password, email): pw_hash = bcrypt.hashpw(password, bcrypt.gensalt()) - new_user = User.create(username=username, password_hash=pw_hash, - email=email) + try: + new_user = User.create(username=username, password_hash=pw_hash, + email=email) + except Exception as ex: + raise DataModelException(ex.message) return new_user diff --git a/endpoints/api.py b/endpoints/api.py index 8d00e3c2d..dfcd491f0 100644 --- a/endpoints/api.py +++ b/endpoints/api.py @@ -16,6 +16,11 @@ from auth.permissions import (ReadRepositoryPermission, logger = logging.getLogger(__name__) +@app.errorhandler(model.DataModelException) +def handle_dme(ex): + return make_response(ex.message, 400) + + @app.route('/api/') def welcome(): return make_response('welcome', 200) @@ -45,8 +50,6 @@ def create_repo_api(): @login_required def list_repos_api(): def repo_view(repo_perm): - - return { 'namespace': repo_perm.repository.namespace, 'name': repo_perm.repository.name, diff --git a/endpoints/index.py b/endpoints/index.py index 8a02c70bd..a8c62b5cd 100644 --- a/endpoints/index.py +++ b/endpoints/index.py @@ -11,6 +11,7 @@ from app import app from auth.auth import (process_auth, get_authenticated_user, get_validated_token) from util.names import parse_namespace_repository, parse_repository_name +from util.validation import validate_email from auth.permissions import (ModifyRepositoryPermission, ReadRepositoryPermission, UserPermission) 
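Review bot: The new `except Exception` in `create_user` turns every failure of `User.create` into a `DataModelException`: a duplicate username, but equally a lost database connection or a programming error. The handler added in endpoints/api.py then reports all of them as a client error. Catch only the ORM's constraint-violation exception here (its name is not visible in this diff) and let everything else propagate so it is logged and surfaces as a server error. `ex.message` is not set on every exception type and does not exist on Python 3, so raise a fixed message such as `raise DataModelException('Unable to create user')`, or `str(ex)` if the text must be kept. The body of `DataModelException` lies outside the hunk.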
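Review bot: `handle_dme` sends `ex.message` straight to the client, and after the change in data/model.py that text is whatever the database layer raised. Table, column or constraint names and submitted values can therefore end up in the HTTP response. Flask's `make_response` with a plain string also defaults to `text/html`, so any request data echoed inside the message is served as markup. Log the detail server-side with `logger.warning('data model error: %s', ex)` and return a fixed body with an explicit type, `return make_response('Invalid request', 400, {'Content-Type': 'text/plain'})`.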
@@ -46,8 +47,11 @@ def generate_headers(f): @app.route('/v1/users/', methods=['POST']) def create_user(): user_data = request.get_json() - model.create_user(user_data['username'], user_data['password'], - user_data['email']) + email = user_data['email'].strip() + if not validate_email(email): + return make_response('Invalid email address: %s' % email, 400) + + model.create_user(user_data['username'], user_data['password'], email) return make_response('Created', 201) diff --git a/util/validation.py b/util/validation.py new file mode 100644 index 000000000..8ada4d0c1 --- /dev/null +++ b/util/validation.py @@ -0,0 +1,7 @@ +import re + + +def validate_email(email_address): + if re.match(r'[^@]+@[^@]+\.[^@]+', email_address): + return True + return False
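Review bot: The 400 response in `create_user` echoes the rejected `email` value back through `make_response`, which serves a string body as `text/html` by default, so input that has just failed validation is reflected unescaped. Return a fixed message instead: `return make_response('Invalid email address', 400)`. The lines before it also assume a well-formed body: `request.get_json()` can return None for a non-JSON request, `user_data['email']` raises KeyError when the field is absent, and `.strip()` fails on a non-string value. Each of these is likely to end in a 500 rather than a 400, so check that `user_data` is a dict and that `email` is a string before stripping it. `username` and `password` still reach `model.create_user` unchecked in this hunk.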
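Review bot: `re.match` anchors the pattern only at the start, so `validate_email` accepts any string that merely begins with something address-shaped, including values with a second `@` or trailing text. `[^@]+` also admits whitespace and line breaks. The accepted value is stored and presumably used later as a mail recipient, so anchor the end and exclude whitespace: `return bool(re.match(r'[^@\s]+@[^@\s]+\.[^@\s]+\Z', email_address))`. A length cap would also help, as would a one-line docstring stating that this is a shape check and not proof of deliverability.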