diff --git a/app/controllers/api/v1/users_controller.rb b/app/controllers/api/v1/users_controller.rb
index d17ebc3834..5bc242f2ad 100644
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@@ -193,11 +193,13 @@ def valid_domain?
 end
 
 def permitted_params
- is_admin = PermissionsChecker.new(current_user:, permission_names: 'ManageUsers', current_provider:).call
+ is_user_manager = PermissionsChecker.new(current_user:, permission_names: 'ManageUsers', current_provider:).call
 
- return %i[password avatar language role_id invite_token] if external_auth? && !is_admin
+ permitted = %i[password avatar language role_id invite_token]
+ permitted.push(:name) if is_user_manager || !external_auth?
+ permitted.push(:email) if is_user_manager
 
- %i[name password avatar language role_id invite_token]
+ permitted
 end
 end
 end
diff --git a/app/javascript/components/users/user/forms/UpdateUserForm.jsx b/app/javascript/components/users/user/forms/UpdateUserForm.jsx
index d1db18bd43..2900e912ec 100644
--- a/app/javascript/components/users/user/forms/UpdateUserForm.jsx
+++ b/app/javascript/components/users/user/forms/UpdateUserForm.jsx
@@ -71,7 +71,7 @@ export default function UpdateUserForm({ user }) {
 return (
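Review bot: `permitted.push(:email) if is_user_manager` in `permitted_params` makes the email of any account writable by every holder of `ManageUsers`, and an email address is usually the login and password-reset identifier, so this grant is only as safe as the checks in the action that consumes the list. That action is outside the hunk, so it is not visible here whether the target's role is compared with the caller's, whether any verified-email state is cleared on change, or whether the previous address is notified; a comment such as `# :email is account-recovery sensitive; the caller must authorize against the target user` would record that dependency. Under external auth the address presumably comes from the identity provider, so consider `permitted.push(:email) if is_user_manager && !external_auth?` unless a local override is intended. Separately, `role_id` stays in the base list for every caller, as it did before this change, which means the role restriction also has to be enforced by the caller.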