diff --git a/awx/api/serializers.py b/awx/api/serializers.py
index a5d6f9a4e1..36b4f5413b 100644
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@@ -2045,6 +2045,8 @@ class CredentialSerializer(BaseSerializer):
             # CredentialType based on the provided values
             kind = data.get('kind', 'ssh')
             credential_type = CredentialType.from_v1_kind(kind, data)
+            if credential_type is None:
+                raise serializers.ValidationError({"kind": _('"%s" is not a valid choice' % kind)})
             data['credential_type'] = credential_type.pk
             value = OrderedDict(
                 {'credential_type': credential_type}.items() +
diff --git a/awx/main/tests/functional/api/test_credential.py b/awx/main/tests/functional/api/test_credential.py
index 45096c2433..c1b8027a99 100644
--- a/awx/main/tests/functional/api/test_credential.py
+++ b/awx/main/tests/functional/api/test_credential.py
@@ -619,6 +619,22 @@ def test_list_cannot_order_by_encrypted_field(post, get, organization, org_admin
     assert response.status_code == 400
 
 
+@pytest.mark.django_db
+def test_v1_credential_kind_validity(get, post, organization, admin, credentialtype_ssh):
+    params = {
+        'name': 'Best credential ever',
+        'organization': organization.id,
+        'kind': 'nonsense'
+    }
+    response = post(
+        reverse('api:credential_list', kwargs={'version': 'v1'}),
+        params,
+        admin
+    )
+    assert response.status_code == 400
+    assert response.data['kind'] == ['"nonsense" is not a valid choice']
+
+
 @pytest.mark.django_db
 def test_inputs_cannot_contain_extra_fields(get, post, organization, admin, credentialtype_ssh):
     params = {