diff --git a/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs b/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs
index fb1769e623..edc1bc3ab8 100644
--- a/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs
+++ b/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs
@@ -1,10 +1,11 @@
 using System;
+using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Models.Table;
 
 namespace Bit.Core.Models.Api.Public
 {
-    public class MemberCreateRequestModel : MemberUpdateRequestModel
+    public class MemberCreateRequestModel : MemberUpdateRequestModel, IValidatableObject
     {
         /// <summary>
         /// The member's email address.
@@ -18,5 +19,19 @@ namespace Bit.Core.Models.Api.Public
         {
             throw new NotImplementedException();
         }
+
+        public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
+        {
+            if(Email.Contains(" ") || Email.Contains("<"))
+            {
+                yield return new ValidationResult($"Email is not valid.",
+                    new string[] { nameof(Email) });
+            }
+            else if(Email.Length > 50)
+            {
+                yield return new ValidationResult($"Email is longer than 50 characters.",
+                    new string[] { nameof(Email) });
+            }
+        }
     }
 }
diff --git a/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs b/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
index 2c87bb93ee..2964cdec7d 100644
--- a/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
+++ b/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
@@ -31,13 +31,15 @@ namespace Bit.Core.Models.Api
             for(var i = 0; i < Emails.Count(); i++)
             {
                 var email = Emails.ElementAt(i);
-                if(!attr.IsValid(email))
+                if(!attr.IsValid(email) || email.Contains(" ") || email.Contains("<"))
                 {
-                    yield return new ValidationResult($"Email #{i + 1} is not valid.", new string[] { nameof(Emails) });
+                    yield return new ValidationResult($"Email #{i + 1} is not valid.",
+                        new string[] { nameof(Emails) });
                 }
                 else if(email.Length > 50)
                 {
-                    yield return new ValidationResult($"Email #{i + 1} is longer than 50 characters.", new string[] { nameof(Emails) });
+                    yield return new ValidationResult($"Email #{i + 1} is longer than 50 characters.",
+                        new string[] { nameof(Emails) });
                 }
             }
         }