diff --git a/backend/src/api/guilds.ts b/backend/src/api/guilds.ts
index ba9370931..4fef738f3 100644
--- a/backend/src/api/guilds.ts
+++ b/backend/src/api/guilds.ts
@@ -126,7 +126,7 @@ export function initGuildsAPI(app: express.Express) {
         if (type !== ApiPermissionTypes.User) {
           return clientError(res, "Invalid type");
         }
-        if (!isSnowflake(targetId)) {
+        if (!isSnowflake(targetId) || targetId === req.user!.userId) {
           return clientError(res, "Invalid targetId");
         }
         const validPermissions = new Set(Object.values(ApiPermissions));