diff --git a/bitwarden_license/src/Commercial.Core/Services/ProviderService.cs b/bitwarden_license/src/Commercial.Core/Services/ProviderService.cs
index 9a5f924246..05ee0cf30a 100644
--- a/bitwarden_license/src/Commercial.Core/Services/ProviderService.cs
+++ b/bitwarden_license/src/Commercial.Core/Services/ProviderService.cs
@@ -354,6 +354,12 @@ public class ProviderService : IProviderService
         var organization = await _organizationRepository.GetByIdAsync(organizationId);
         ThrowOnInvalidPlanType(organization.PlanType);
 
+        if (organization.UseSecretsManager)
+        {
+            throw new BadRequestException(
+                "Organizations with a Managed Service Provider do not support Secrets Manager.");
+        }
+
         var providerOrganization = new ProviderOrganization
         {
             ProviderId = providerId,
diff --git a/bitwarden_license/test/Commercial.Core.Test/Services/ProviderServiceTests.cs b/bitwarden_license/test/Commercial.Core.Test/Services/ProviderServiceTests.cs
index babfa9c074..6e7dfa588c 100644
--- a/bitwarden_license/test/Commercial.Core.Test/Services/ProviderServiceTests.cs
+++ b/bitwarden_license/test/Commercial.Core.Test/Services/ProviderServiceTests.cs
@@ -431,6 +431,23 @@ public class ProviderServiceTests
         Assert.Equal("Organization already belongs to a provider.", exception.Message);
     }
 
+    [Theory, BitAutoData]
+    public async Task AddOrganization_OrganizationHasSecretsManager_Throws(Provider provider, Organization organization, string key,
+        SutProvider<ProviderService> sutProvider)
+    {
+        organization.PlanType = PlanType.EnterpriseAnnually;
+        organization.UseSecretsManager = true;
+
+        sutProvider.GetDependency<IProviderRepository>().GetByIdAsync(provider.Id).Returns(provider);
+        var providerOrganizationRepository = sutProvider.GetDependency<IProviderOrganizationRepository>();
+        providerOrganizationRepository.GetByOrganizationId(organization.Id).ReturnsNull();
+        sutProvider.GetDependency<IOrganizationRepository>().GetByIdAsync(organization.Id).Returns(organization);
+
+        var exception = await Assert.ThrowsAsync<BadRequestException>(
+            () => sutProvider.Sut.AddOrganization(provider.Id, organization.Id, key));
+        Assert.Equal("Organizations with a Managed Service Provider do not support Secrets Manager.", exception.Message);
+    }
+
     [Theory, BitAutoData]
     public async Task AddOrganization_Success(Provider provider, Organization organization, string key,
         SutProvider<ProviderService> sutProvider)