diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index 72c8b6cd25b..dcc1c1b57de 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -84,15 +84,21 @@ class AjaxController extends Controller {
 	 */
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
+		if ($currentUser === null) {
+			return false;
+		}
 
 		// Non-admins can only edit their own credentials
-		$allowedToEdit = ($currentUser->getUID() === $uid);
+		// Admin can edit global credentials
+		$allowedToEdit = $uid === ''
+			? $this->groupManager->isAdmin($currentUser->getUID())
+			: $currentUser->getUID() === $uid;
 
 		if ($allowedToEdit) {
 			$this->globalAuth->saveAuth($uid, $user, $password);
 			return true;
-		} else {
-			return false;
 		}
+
+		return false;
 	}
 }