diff --git a/endpoints/api/superuser.py b/endpoints/api/superuser.py
index 8d66a2fce..71ed52476 100644
--- a/endpoints/api/superuser.py
+++ b/endpoints/api/superuser.py
@@ -236,6 +236,10 @@ class SuperUserList(ApiResource):
   @require_scope(scopes.SUPERUSER)
   def post(self):
     """ Creates a new user. """
+    # Ensure that we are using database auth.
+    if app.config['AUTHENTICATION_TYPE'] != 'Database':
+      abort(400)
+
     user_information = request.get_json()
     if SuperUserPermission().can():
       username = user_information['username']
@@ -274,6 +278,10 @@ class SuperUserSendRecoveryEmail(ApiResource):
   @nickname('sendInstallUserRecoveryEmail')
   @require_scope(scopes.SUPERUSER)
   def post(self, username):
+    # Ensure that we are using database auth.
+    if app.config['AUTHENTICATION_TYPE'] != 'Database':
+      abort(400)
+
     if SuperUserPermission().can():
       user = model.user.get_nonrobot_user(username)
       if not user:
@@ -370,9 +378,17 @@ class SuperUserManagement(ApiResource):
 
       user_data = request.get_json()
       if 'password' in user_data:
+        # Ensure that we are using database auth.
+        if app.config['AUTHENTICATION_TYPE'] != 'Database':
+          abort(400)
+
         model.user.change_password(user, user_data['password'])
 
       if 'email' in user_data:
+        # Ensure that we are using database auth.
+        if app.config['AUTHENTICATION_TYPE'] != 'Database':
+          abort(400)
+
         model.user.update_email(user, user_data['email'], auto_verify=True)
 
       if 'enabled' in user_data:
diff --git a/static/partials/super-user.html b/static/partials/super-user.html
index 6933ad538..f1bf0847a 100644
--- a/static/partials/super-user.html
+++ b/static/partials/super-user.html
@@ -140,9 +140,13 @@
           </div>
           <div ng-show="users">
             <div class="manager-header" header-title="Users">
-              <button class="create-button btn btn-primary" ng-click="showCreateUser()">
+              <button class="create-button btn btn-primary" ng-click="showCreateUser()"
+                      quay-show="Config.AUTHENTICATION_TYPE == 'Database'">
                 <i class="fa fa-plus" style="margin-right: 6px;"></i>Create User
               </button>
+              <span class="co-alert co-alert-info" quay-show="Config.AUTHENTICATION_TYPE != 'Database'">
+                Note: <span class="registry-name"></span> is configured to use external authentication, so users can only be created in that system
+              </span>
             </div>
 
             <div class="filter-box" collection="users" filter-model="search" filter-name="Users"></div>
@@ -177,14 +181,16 @@
                 <td style="text-align: center;">
                   <span class="cor-options-menu"
                         ng-if="user.username != current_user.username && !current_user.super_user">
-                    <span class="cor-option" option-click="showChangeEmail(current_user)">
+                    <span class="cor-option" option-click="showChangeEmail(current_user)"
+                          quay-show="Config.AUTHENTICATION_TYPE == 'Database'">
                       <i class="fa fa-envelope-o"></i> Change E-mail Address
                     </span>
-                    <span class="cor-option" option-click="showChangePassword(current_user)">
+                    <span class="cor-option" option-click="showChangePassword(current_user)"
+                          quay-show="Config.AUTHENTICATION_TYPE == 'Database'">
                       <i class="fa fa-key"></i> Change Password
                     </span>
                     <span class="cor-option" option-click="sendRecoveryEmail(current_user)"
-                          quay-show="Features.MAILING">
+                          quay-show="Features.MAILING && Config.AUTHENTICATION_TYPE == 'Database'">
                       <i class="fa fa-envelope"></i> Send Recovery E-mail
                     </span>
                     <span class="cor-option" option-click="showDeleteUser(current_user)">