diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs
--- a/services/identity/src/client_service.rs
+++ b/services/identity/src/client_service.rs
@@ -702,6 +702,16 @@
   ) -> Result<tonic::Response<AuthResponse>, tonic::Status> {
     let platform_metadata = get_platform_metadata(&request)?;
     let message = request.into_inner();
+
+    if message.user_id == AUTHORITATIVE_KEYSERVER_OWNER_USER_ID {
+      error!(
+        errorType = error_types::GRPC_SERVICES_LOG,
+        "Authoritative keyserver owner called RestoreUser RPC!"
+      );
+      return Err(tonic::Status::failed_precondition(
+        tonic_status_messages::USE_V1_FLOW,
+      ));
+    }
     debug!(
       "Attempting to restore user: {}",
       redact_sensitive_data(&message.user_id)