diff --git a/config/install/social_auth.settings.yml b/config/install/social_auth.settings.yml
index 9118a21..a4c7c16 100644
--- a/config/install/social_auth.settings.yml
+++ b/config/install/social_auth.settings.yml
@@ -3,3 +3,4 @@ post_login: /user
 redirect_user_form: FALSE
 disable_admin_login: TRUE
 disabled_roles: []
+user_allowed: ['register', 'login']
diff --git a/config/schema/social_auth.schema.yml b/config/schema/social_auth.schema.yml
index cbd3a84..2ab3069 100644
--- a/config/schema/social_auth.schema.yml
+++ b/config/schema/social_auth.schema.yml
@@ -5,6 +5,9 @@ social_auth.settings:
     post_login_path:
       type: string
       label: 'Drupal path where the user should be redirected after successful login.'
+    user_allowed:
+      type: array
+      label: 'What can users do?'
     redirect_user_form:
       type: boolean
       label: 'Redirects to Drupal user form after the user is created if checked.'
diff --git a/social_auth.install b/social_auth.install
index a988ac9..3fdae7c 100644
--- a/social_auth.install
+++ b/social_auth.install
@@ -39,3 +39,19 @@ function social_auth_update_8002(&$sandbox) {
   }
   $config->save();
 }
+
+/**
+ * Implements hook_update_N().
+ *
+ * Sets default value for new user_allowed key.
+ *
+ * user_allowed allows site builders to determine if users can only login,
+ * register, or both. This update creates the new user_allowed key with a
+ * default value set to both register and login.
+ */
+function social_auth_update_8003(&$sandbox) {
+  // Sets and saves new user_allowed value.
+  \Drupal::configFactory()->getEditable('social_auth.settings')
+    ->set('user_allowed', array('register', 'login'))
+    ->save();
+}
diff --git a/src/Form/SocialAuthSettingsForm.php b/src/Form/SocialAuthSettingsForm.php
index d61658d..bf578d5 100644
--- a/src/Form/SocialAuthSettingsForm.php
+++ b/src/Form/SocialAuthSettingsForm.php
@@ -92,6 +92,16 @@ class SocialAuthSettingsForm extends ConfigFormBase {
       '#default_value' => $social_auth_config->get('post_login'),
     );
 
+    $form['social_auth']['user_allowed'] = array(
+      '#type' => 'checkboxes',
+      '#title' => $this->t('What can users do?'),
+      '#default_value' => $social_auth_config->get('user_allowed'),
+      '#options' => array(
+        'register' => $this->t('Register'),
+        'login' => $this->t('Login'),
+      ),
+    );
+
     $form['social_auth']['redirect_user_form'] = array(
       '#type' => 'checkbox',
       '#title' => $this->t('Redirect new users to Drupal user form'),
@@ -156,6 +166,7 @@ class SocialAuthSettingsForm extends ConfigFormBase {
     $values = $form_state->getValues();
     $this->config('social_auth.settings')
       ->set('post_login', $values['post_login'])
+      ->set('user_allowed', $values['user_allowed'])
       ->set('redirect_user_form', $values['redirect_user_form'])
       ->set('disable_admin_login', $values['disable_admin_login'])
       ->set('disabled_roles', $values['disabled_roles'])
diff --git a/src/SocialAuthUserManager.php b/src/SocialAuthUserManager.php
index 100ca47..6455954 100644
--- a/src/SocialAuthUserManager.php
+++ b/src/SocialAuthUserManager.php
@@ -170,7 +170,6 @@ class SocialAuthUserManager {
       return $this->authenticateNewUser($drupal_user);
     }
 
-    drupal_set_message($this->t('You could not be authenticated, please contact the administrator'), 'error');
     $this->nullifySessionKeys();
     return $this->redirect('user.login');
   }
@@ -191,7 +190,11 @@ class SocialAuthUserManager {
       drupal_set_message($this->t('Authentication for Admin (user 1) is disabled.'), 'error');
       return $this->redirect('user.login');
     }
-
+    // If login is disabled.
+    if ($this->isLoginDisabled()) {
+      drupal_set_message($this->t('Login is disabled for users.'), 'error');
+      return $this->redirect('user.login');
+    }
     // If user can not login because of their role.
     $disabled_role = $this->isUserRoleDisabled($drupal_user);
     if ($disabled_role) {
@@ -288,17 +291,16 @@ class SocialAuthUserManager {
       $this->loggerFactory
         ->get($this->getPluginId())
         ->error('Failed to create user. Name: @name, email: @email', array('@name' => $name, '@email' => $email));
+      drupal_set_message($this->t('You could not be authenticated, please contact the administrator'), 'error');
       return FALSE;
     }
 
     // Check if site configuration allows new users to register.
-    if ($this->registrationBlocked()) {
+    if ($this->isRegistrationDisabled()) {
       $this->loggerFactory
         ->get($this->getPluginId())
-        ->warning('Failed to create user. User registration is disabled in Drupal account settings. Name: @name, email: @email.', array('@name' => $name, '@email' => $email));
-
+        ->warning('Failed to create user. User registration is disabled. Name: @name, email: @email.', array('@name' => $name, '@email' => $email));
       drupal_set_message($this->t('User registration is disabled, please contact the administrator.'), 'error');
-
       return FALSE;
     }
 
@@ -318,10 +320,10 @@ class SocialAuthUserManager {
     $violations = $new_user->validate();
     if (count($violations) > 0) {
       $msg = $violations[0]->getMessage();
-      drupal_set_message($this->t('Creation of user account failed: @message', array('@message' => $msg)), 'error');
       $this->loggerFactory
         ->get($this->getPluginId())
         ->error('Could not create new user: @message', array('@message' => $msg));
+      drupal_set_message($this->t('Creation of user account failed: @message', array('@message' => $msg)), 'error');
       return FALSE;
     }
 
@@ -346,8 +348,10 @@ class SocialAuthUserManager {
       $this->loggerFactory
         ->get($this->getPluginId())
         ->error('Could not create new user. Exception: @message', ['@message' => $ex->getMessage()]);
+
     }
 
+    drupal_set_message($this->t('You could not be authenticated, please contact the administrator'), 'error');
     return FALSE;
   }
 
@@ -392,15 +396,32 @@ class SocialAuthUserManager {
   }
 
   /**
-   * Checks if user registration is blocked in Drupal account settings.
+   * Checks if user login is disabled in Social Auth settings.
+   *
+   * @return bool
+   *   True if login is disabled
+   *   False if login is not disabled
+   */
+  protected function isLoginDisabled() {
+    // Check if Login is disabled in Social Auth Settings.
+    if (!in_array('login', $this->configFactory->get('social_auth.settings')->get('user_allowed'), TRUE)) {
+      return TRUE;
+    }
+
+    return FALSE;
+  }
+
+  /**
+   * Checks if user registration is disabled.
    *
    * @return bool
-   *   True if registration is blocked
-   *   False if registration is not blocked
+   *   True if registration is disabled
+   *   False if registration is not disabled
    */
-  protected function registrationBlocked() {
-    // Check if Drupal account registration settings is Administrators only.
-    if ($this->configFactory->get('user.settings')->get('register') == 'admin_only') {
+  protected function isRegistrationDisabled() {
+    // Check if Drupal account registration settings is Administrators only
+    // OR if it is disabled in Social Auth Settings.
+    if ($this->configFactory->get('user.settings')->get('register') == 'admin_only' || !in_array('register', $this->configFactory->get('social_auth.settings')->get('user_allowed'), TRUE)) {
       return TRUE;
     }