diff --git a/awx/api/serializers.py b/awx/api/serializers.py
index da0a479b20..1cd77679b0 100644
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@@ -1895,11 +1895,14 @@ class CredentialTypeSerializer(BaseSerializer):
                 raise PermissionDenied(
                     detail= _("Modifications to inputs are not allowed for credential types that are in use")
                 )
+        ret = super(CredentialTypeSerializer, self).validate(attrs)
+
         fields = attrs.get('inputs', {}).get('fields', [])
         for field in fields:
             if field.get('ask_at_runtime', False):
                 raise serializers.ValidationError({"inputs": _("'ask_at_runtime' is not supported for custom credentials.")})
-        return super(CredentialTypeSerializer, self).validate(attrs)
+
+        return ret
 
     def get_related(self, obj):
         res = super(CredentialTypeSerializer, self).get_related(obj)
diff --git a/awx/main/tests/functional/api/test_credential_type.py b/awx/main/tests/functional/api/test_credential_type.py
index a43b864d7b..919cee809c 100644
--- a/awx/main/tests/functional/api/test_credential_type.py
+++ b/awx/main/tests/functional/api/test_credential_type.py
@@ -167,15 +167,49 @@ def test_create_with_valid_inputs(get, post, admin):
 
 
 @pytest.mark.django_db
-def test_create_with_invalid_inputs_xfail(post, admin):
+@pytest.mark.parametrize('inputs', [
+    True,
+    100,
+    [1, 2, 3, 4],
+    'malformed',
+    {'feelds': {}},
+    {'fields': [123, 234, 345]},
+    {'fields': [{'id':'one', 'label':'One'}, 234]},
+    {'feelds': {}, 'fields': [{'id':'one', 'label':'One'}, 234]}
+])
+def test_create_with_invalid_inputs_xfail(post, admin, inputs):
     response = post(reverse('api:credential_type_list'), {
         'kind': 'cloud',
         'name': 'MyCloud',
-        'inputs': {'feeelds': {},},
+        'inputs': inputs,
         'injectors': {}
     }, admin)
     assert response.status_code == 400
-    assert "'feeelds' was unexpected" in json.dumps(response.data)
+
+
+@pytest.mark.django_db
+@pytest.mark.parametrize('injectors', [
+    True,
+    100,
+    [1, 2, 3, 4],
+    'malformed',
+    {'mal': 'formed'},
+    {'env': {'ENV_VAR': 123}, 'mal': 'formed'},
+    {'env': True},
+    {'env': [1, 2, 3]},
+    {'file': True},
+    {'file': [1, 2, 3]},
+    {'extra_vars': True},
+    {'extra_vars': [1, 2, 3]},
+])
+def test_create_with_invalid_injectors_xfail(post, admin, injectors):
+    response = post(reverse('api:credential_type_list'), {
+        'kind': 'cloud',
+        'name': 'MyCloud',
+        'inputs': {},
+        'injectors': injectors,
+    }, admin)
+    assert response.status_code == 400
 
 
 @pytest.mark.django_db
@@ -235,17 +269,6 @@ def test_create_with_valid_injectors(get, post, admin):
     }
 
 
-@pytest.mark.django_db
-def test_create_with_invalid_injectors_xfail(post, admin):
-    response = post(reverse('api:credential_type_list'), {
-        'kind': 'cloud',
-        'name': 'MyCloud',
-        'inputs': {},
-        'injectors': {'nonsense': 123}
-    }, admin)
-    assert response.status_code == 400
-
-
 @pytest.mark.django_db
 def test_create_with_undefined_template_variable_xfail(post, admin):
     response = post(reverse('api:credential_type_list'), {