diff --git a/app/models/invite.rb b/app/models/invite.rb
index 8ce8510139b..4b4f114e649 100644
--- a/app/models/invite.rb
+++ b/app/models/invite.rb
@@ -39,6 +39,7 @@ class Invite < ActiveRecord::Base
 validate :ensure_max_redemptions_allowed
 validate :user_doesnt_already_exist
+ validate :ensure_no_invalid_email_invites
 attr_accessor :email_already_exists
 scope :single_use_invites, -> { where('invites.max_redemptions_allowed = 1') }
@@ -355,6 +356,16 @@ class Invite < ActiveRecord::Base
 end
 end
 end
+
+ def ensure_no_invalid_email_invites
+ return if email.blank?
+
+ if SiteSetting.enable_sso?
+ errors.add(:email, I18n.t("invite.disabled_errors.sso_enabled"))
+ elsif !SiteSetting.enable_local_logins?
+ errors.add(:email, I18n.t("invite.disabled_errors.local_logins_disabled"))
+ end
+ end
 end
 # == Schema Information
diff --git a/lib/guardian.rb b/lib/guardian.rb
index 7f6935d2cb3..b82966296f2 100644
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@@ -395,7 +395,9 @@ class Guardian
 end
 def can_bulk_invite_to_forum?(user)
- user.admin?
+ user.admin? &&
+ !SiteSetting.enable_sso &&
+ SiteSetting.enable_local_logins
 end
 def can_send_invite_links?(user)
diff --git a/spec/models/invite_spec.rb b/spec/models/invite_spec.rb
index 0dad0aebf57..bba029e3179 100644
--- a/spec/models/invite_spec.rb
+++ b/spec/models/invite_spec.rb
@@ -50,6 +50,17 @@ describe Invite do
 end
 end
+ context "SSO validation" do
+ it "prevents creating an email invite when SSO is enabled" do
+ SiteSetting.sso_url = "https://www.example.com/sso"
+ SiteSetting.enable_sso = true
+
+ invite = Fabricate.build(:invite, email: "test@mail.com")
+ expect(invite).not_to be_valid
+ expect(invite.errors.details[:email].first[:error]).to eq(I18n.t("invite.disabled_errors.sso_enabled"))
+ end
+ end
+
 context '#create' do
 context 'saved' do
 subject { Fabricate(:invite) }
diff --git a/spec/requests/invites_controller_spec.rb b/spec/requests/invites_controller_spec.rb
index 3edce1997de..4f0be5c2ddc 100644
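Review bot: `ensure_no_invalid_email_invites` is registered in the first hunk of app/models/invite.rb as a plain `validate`, so it runs on every validated save of an email invite, not only on creation. An invite issued while local logins were allowed (the situation the controller specs in this commit set up by touching `invite` before changing the setting) would fail any later validated update once SSO is enabled or local logins are disabled; whether a redemption, expiry or resend path saves with validations is not visible in this diff, so that needs checking. If the intent is only to stop new email invites from being issued, scope it as `validate :ensure_no_invalid_email_invites, on: :create`. A comment above the method, such as `# Reject email invites when SSO is enabled or local logins are disabled; link invites (blank email) are not checked here`, would record the exemption made by the early return.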
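Review bot: No spec in this commit exercises the new setting checks in `can_bulk_invite_to_forum?`; the added examples cover only the model validation, so a regression in this authorization check would go unnoticed. One guardian example per condition (admin with `enable_sso` on, admin with `enable_local_logins` off, admin with both at the permitting values) would pin it. The method reads `SiteSetting.enable_sso` and `SiteSetting.enable_local_logins` while the model validation in the same commit uses the `?` forms; using one form in both places, e.g. `!SiteSetting.enable_sso? &&`, keeps the two checks easy to compare. Whether the neighbouring `can_send_invite_links?` needs the same gate cannot be judged from this hunk, which shows only its signature.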
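Review bot: Only the SSO branch of the new validation is tested in spec/models/invite_spec.rb; the `elsif !SiteSetting.enable_local_logins?` branch and the `return if email.blank?` early exit have no example, so the `local_logins_disabled` error key and the exemption for invites without an email are unverified. A sibling example inside the same context, shown below, covers the second branch. The context title would then read better as something broader than "SSO validation".

```ruby
# … unchanged: "prevents creating an email invite when SSO is enabled" example …
it "prevents creating an email invite when local logins are disabled" do
  SiteSetting.enable_local_logins = false

  invite = Fabricate.build(:invite, email: "test@mail.com")
  expect(invite).not_to be_valid
  expect(invite.errors.details[:email].first[:error]).to eq(I18n.t("invite.disabled_errors.local_logins_disabled"))
end
```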
--- a/spec/requests/invites_controller_spec.rb
+++ b/spec/requests/invites_controller_spec.rb
@@ -443,6 +443,7 @@ describe InvitesController do
 end
 it "does not send password reset email if sso is enabled" do
+ invite # create the invite before enabling SSO
 SiteSetting.sso_url = "https://www.example.com/sso"
 SiteSetting.enable_sso = true
 put "/invites/show/#{invite.invite_key}.json"
@@ -453,6 +454,7 @@ describe InvitesController do
 end
 it "does not send password reset email if local login is disabled" do
+ invite # create the invite before enabling SSO
 SiteSetting.enable_local_logins = false
 put "/invites/show/#{invite.invite_key}.json"
 expect(response.status).to eq(200)
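Review bot: The comment added in the second hunk, on the "local login is disabled" example, is copied from the SSO example and names the wrong setting; it should read `invite # create the invite before disabling local logins`. In both hunks the bare `invite` reference exists only to force the fixture to be built before the setting changes, which is easy to delete by mistake during a later cleanup. The fixture's definition is outside these hunks, so whether it can be made eagerly created instead is for the author to judge.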