diff --git a/bitwarden_license/src/Portal/Controllers/PoliciesController.cs b/bitwarden_license/src/Portal/Controllers/PoliciesController.cs
index ca2503c01f..3527c224cb 100644
--- a/bitwarden_license/src/Portal/Controllers/PoliciesController.cs
+++ b/bitwarden_license/src/Portal/Controllers/PoliciesController.cs
@@ -135,7 +135,20 @@ namespace Bit.Portal.Controllers
case PolicyType.MasterPassword:
case PolicyType.PasswordGenerator:
case PolicyType.TwoFactorAuthentication:
+ break;
+
case PolicyType.SingleOrg:
+ if (enabled)
+ {
+ break;
+ }
+
+ var requireSso =
+ await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.RequireSso);
+ if (requireSso?.Enabled == true)
+ {
+ ModelState.AddModelError(string.Empty, _i18nService.T("DisableRequireSsoError"));
+ }
break;
case PolicyType.RequireSso:
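Review bot: The added `PolicyType.SingleOrg` branch repeats in the controller the same dependency rule that this commit also adds to PolicyService, and nothing in the code says which of the two is authoritative. A one-line comment above `if (enabled)` would make that explicit, for example `// UI pre-check for a localized error; PolicyService enforces the SingleOrg/RequireSso dependency on save.` The switch and the code that acts on `ModelState` continue outside the hunk, so it is worth confirming that the model error added here actually stops the save. Otherwise the user would see the service's exception rather than the localized message.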
@@ -143,6 +156,7 @@ namespace Bit.Portal.Controllers
{
break;
}
+
var singleOrg = await _policyRepository.GetByOrganizationIdTypeAsync(orgId.Value, PolicyType.SingleOrg);
if (singleOrg?.Enabled != true)
{
diff --git a/src/Core/Resources/SharedResources.en.resx b/src/Core/Resources/SharedResources.en.resx
index d020ab9851..ce4f4fee77 100644
--- a/src/Core/Resources/SharedResources.en.resx
+++ b/src/Core/Resources/SharedResources.en.resx
@@ -575,4 +575,7 @@
Organization Owners and Administrators are exempt from this policy's enforcement.
+
+ You must manually disable the Single Sign-On Authentication policy before this policy can be disabled.
+
diff --git a/src/Core/Services/Implementations/PolicyService.cs b/src/Core/Services/Implementations/PolicyService.cs
index e04db9c098..3f7102dd72 100644
--- a/src/Core/Services/Implementations/PolicyService.cs
+++ b/src/Core/Services/Implementations/PolicyService.cs
@@ -48,6 +48,18 @@ namespace Bit.Core.Services
// Handle dependent policy checks
switch(policy.Type)
{
+ case PolicyType.SingleOrg:
+ if (!policy.Enabled)
+ {
+ var requireSso =
+ await _policyRepository.GetByOrganizationIdTypeAsync(org.Id, PolicyType.RequireSso);
+ if (requireSso?.Enabled == true)
+ {
+ throw new BadRequestException("Single Sign-On Authentication policy is enabled.");
+ }
+ }
+ break;
+
case PolicyType.RequireSso:
if (policy.Enabled)
{
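Review bot: The new `case PolicyType.SingleOrg:` block reads the RequireSso policy and then proceeds to the save, with nothing visible in the hunk that makes the check and the write atomic. If policy writes are not serialised per organization elsewhere (the rest of the method and the repository are outside the hunk), a request enabling RequireSso and a request disabling SingleOrg could each pass its own check concurrently, leaving RequireSso enabled without SingleOrg. It would help to state the invariant above the switch, for example `// Invariant: RequireSso may only be enabled while SingleOrg is enabled; both cases below must stay in sync.`, and to confirm where that invariant is protected against concurrent updates. Separately, the exception text `"Single Sign-On Authentication policy is enabled."` is hard-coded English and does not tell the caller what to do, unlike the `DisableRequireSsoError` resource used in the Portal.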
@@ -58,9 +70,6 @@ namespace Bit.Core.Services
}
}
break;
-
- default:
- break;
}
var now = DateTime.UtcNow;