diff --git a/src/Controller/AuthKeysController.php b/src/Controller/AuthKeysController.php
index 083bd5c..e57710e 100644
--- a/src/Controller/AuthKeysController.php
+++ b/src/Controller/AuthKeysController.php
@@ -72,6 +72,9 @@ class AuthKeysController extends AppController
                 $userConditions['id'] = $currentUser['id'];
             } else {
                 $role_ids = $this->Users->Roles->find()->where(['perm_admin' => 0, 'perm_community_admin' => 0, 'perm_org_admin' => 0])->all()->extract('id')->toList();
+                if (empty($role_ids)) {
+                    throw new MethodNotAllowedException(__('You are not authorised to do that, as there are no roles that you could assign to a user. Contact your administrator to rectify this.'));
+                }
                 $userConditions['organisation_id'] = $currentUser['organisation_id'];
                 $userConditions['OR'] = [
                     ['role_id IN' => $role_ids],