diff --git a/LDlink/LDlink.py b/LDlink/LDlink.py
index 03e1f8a3..9f327dbd 100755
--- a/LDlink/LDlink.py
+++ b/LDlink/LDlink.py
@@ -240,9 +240,21 @@ def unblock_user():
 @requires_admin_token
 def set_user_lock():
     print("Execute api unlock user")
-    email = request.args.get('email', False)
-    lockValue = request.args.get('locked', False)
-    out_json = setUserLock(email, lockValue)
+    email = request.args.get('email', "Missing Argument")
+
+    try:
+        lockValue = int(request.args.get('locked', "Missing Argument"))
+        if lockValue == -1 or lockValue == 0:
+            out_json = setUserLock(email, lockValue)
+        else:
+            out_json =  {
+                "message": "invalid lock value: " + str(lockValue)
+            }
+    except:
+        out_json =  {
+            "message": "invalid lock value"
+        }
+
     return sendJSON(out_json)
 
 # Web route to unlock all users API tokens
diff --git a/LDlink/RegisterAPI.py b/LDlink/RegisterAPI.py
index aa1cd7d9..b07947ea 100644
--- a/LDlink/RegisterAPI.py
+++ b/LDlink/RegisterAPI.py
@@ -237,7 +237,7 @@ def unblockUser(email):
     emailUserUnblocked(email, email_account)
     return out_json
 
-# sets locked attribute of user to 0=false
+# sets locked attribute of user to lockValue
 def setUserLock(email, lockValue):
     with open('config.yml', 'r') as f:
         config = yaml.load(f)