diff --git a/configEditor_global.go b/configEditor_global.go
index 6f61b69..0433a17 100644
--- a/configEditor_global.go
+++ b/configEditor_global.go
@@ -9,6 +9,7 @@ import (
 log "github.com/sirupsen/logrus"
+ "github.com/Luzifer/go_helpers/v2/str"
 "github.com/Luzifer/twitch-bot/v3/pkg/twitch"
 "github.com/Luzifer/twitch-bot/v3/plugins"
 )
@@ -200,6 +201,12 @@ func configEditorGlobalLogin(w http.ResponseWriter, r *http.Request) {
 return
 }
+ if !str.StringInSlice(user, config.BotEditors) && !str.StringInSlice(id, config.BotEditors) {
+ // That user is none of our editors: Deny access
+ http.Error(w, "access denied", http.StatusForbidden)
+ return
+ }
+
 tok, expiresAt, err := editorTokenService.CreateLoginToken(id, user)
 if err != nil {
 http.Error(w, err.Error(), http.StatusInternalServerError)
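Review bot: The new allow-list check in configEditorGlobalLogin accepts a match on either `user` or `id`, and a login name is a weaker identity than the account ID. Assuming `user` is the Twitch login obtained from the token validation above the hunk, a `config.BotEditors` entry given by name would follow whoever holds that name after a rename. Consider comparing only `id` here (resolving configured names to IDs when the config is loaded), or at least documenting on `BotEditors` that IDs are the preferred form. The denied branch also returns 403 without leaving a record; a line such as `log.WithFields(log.Fields{"user": user, "id": id}).Warn("editor login denied")` before `http.Error` would make rejected attempts visible to whoever watches the logs. The function body starts and ends outside the hunk, so where `user` and `id` come from could not be checked here.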