diff --git a/ceod/api/members.py b/ceod/api/members.py
index 0d22ab6..b342852 100644
--- a/ceod/api/members.py
+++ b/ceod/api/members.py
@@ -9,6 +9,7 @@ from ceo_common.errors import BadRequest, UserAlreadySubscribedError, UserNotSub
 from ceo_common.interfaces import ILDAPService, IConfig, IMailService
 from ceo_common.logger_factory import logger_factory
 from ceo_common.model.Term import get_terms_for_new_user, get_terms_for_renewal
+from ceo_common.utils import validate_username
 from ceod.transactions.members import (
 AddMemberTransaction,
 ModifyMemberTransaction,
@@ -30,6 +31,7 @@ def create_user():
 body = request.get_json(force=True)
 terms = body.get('terms')
 non_member_terms = body.get('non_member_terms')
+
 if (terms and non_member_terms) or not (terms or non_member_terms):
 raise BadRequest('Must specify either terms or non-member terms')
 if type(terms) is int:
@@ -42,6 +44,10 @@ def create_user():
 if type(body['forwarding_addresses']) is not list:
 raise BadRequest('forwarding_addresses must be a list of email addresses')
 
+ uid_validator = validate_username(body['uid'])
+ if not uid_validator.is_valid:
+ raise BadRequest(f"bad uid: {uid_validator.error_message}")
+
 if terms:
 logger.info(f"Creating member {body['uid']} for terms {terms}")
 else:
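Review bot: In the third hunk, `validate_username(body['uid'])` is called on a value taken straight from `request.get_json(force=True)`, so `uid` may be missing or a non-string JSON value (number, list, null) when it reaches the validator. validate_username is not shown here, so whether it rejects those inputs cleanly or raises is an assumption to confirm; if it raises, the request ends in an unhandled exception instead of a 400. A guard in the style of the neighbouring type checks would close that: `if type(body.get('uid')) is not str: raise BadRequest('uid must be a string')`. Placing the check before the `logger.info` lines that interpolate `body['uid']` is right, since it keeps unvalidated input out of the log; create_user's body starts and ends outside this hunk, so any earlier use of `uid` is not visible.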