diff --git a/changelog.d/5474.feature b/changelog.d/5474.feature
new file mode 100644
index 000000000000..63d9b58734be
--- /dev/null
+++ b/changelog.d/5474.feature
@@ -0,0 +1 @@
+Allow server admins to define implementations of extra rules for allowing or denying incoming events.
diff --git a/synapse/events/third_party_rules.py b/synapse/events/third_party_rules.py
index 9f98d5152326..ee7b97ad39d7 100644
--- a/synapse/events/third_party_rules.py
+++ b/synapse/events/third_party_rules.py
@@ -17,8 +17,8 @@
 
 
 class ThirdPartyEventRules(object):
-    """Allows server admins to provide a Python module implementing an extra set of rules
-    to apply when processing events.
+    """Allows server admins to provide a Python module implementing an extra
+    set of rules to apply when processing events.
 
     This is designed to help admins of closed federations with enforcing custom
     behaviours.
@@ -46,7 +46,7 @@ def check_event_allowed(self, event, context):
             context (synapse.events.snapshot.EventContext): The context of the event.
 
         Returns:
-            defer.Deferred(bool), True if the event should be allowed, False if not.
+            defer.Deferred[bool]: True if the event should be allowed, False if not.
         """
         if self.third_party_rules is None:
             defer.returnValue(True)
@@ -60,3 +60,24 @@ def check_event_allowed(self, event, context):
 
         ret = yield self.third_party_rules.check_event_allowed(event, state_events)
         defer.returnValue(ret)
+
+    @defer.inlineCallbacks
+    def on_create_room(self, requester, config, is_requester_admin):
+        """Intercept requests to create room to allow, deny or update the
+        request config.
+
+        Args:
+            requester (Requester)
+            config (dict): The creation config from the client.
+            is_requester_admin (bool): If the requester is an admin
+
+        Returns:
+            defer.Deferred
+        """
+
+        if self.third_party_rules is None:
+            return
+
+        yield self.third_party_rules.on_create_room(
+            requester, config, is_requester_admin
+        )
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py
index dbcfb8990ff0..7c24f9aac343 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -79,6 +79,8 @@ def __init__(self, hs):
 
         self._server_notices_mxid = hs.config.server_notices_mxid
 
+        self.third_party_event_rules = hs.get_third_party_event_rules()
+
     @defer.inlineCallbacks
     def upgrade_room(self, requester, old_room_id, new_version):
         """Replace a room with a new room with a different version
@@ -489,9 +491,6 @@ def create_room(self, requester, config, ratelimit=True,
 
         yield self.auth.check_auth_blocking(user_id)
 
-        invite_list = config.get("invite", [])
-        invite_3pid_list = config.get("invite_3pid", [])
-
         if (self._server_notices_mxid is not None and
                 requester.user.to_string() == self._server_notices_mxid):
             # allow the server notices mxid to create rooms
@@ -501,6 +500,17 @@ def create_room(self, requester, config, ratelimit=True,
                 requester.user,
             )
 
+        # Check whether the third party rules allows/changes the room create
+        # request.
+        yield self.third_party_event_rules.on_create_room(
+            requester,
+            config,
+            is_requester_admin=is_requester_admin,
+        )
+
+        invite_list = config.get("invite", [])
+        invite_3pid_list = config.get("invite_3pid", [])
+
         if not is_requester_admin and not self.spam_checker.user_may_create_room(
             user_id,
             invite_list=invite_list,