diff --git a/README.md b/README.md
index 640b637eab..bec93d93da 100644
--- a/README.md
+++ b/README.md
@@ -126,6 +126,7 @@ The client keys used with Parse are no longer necessary with Parse Server. If yo
 * `databaseAdapter` (unfinished) - The backing store can be changed by creating an adapter class (see `DatabaseAdapter.js`)
 * `loggerAdapter` - The default behavior/transport (File) can be changed by creating an adapter class (see [`LoggerAdapter.js`](https://github.com/ParsePlatform/parse-server/blob/master/src/Adapters/Logger/LoggerAdapter.js))
 * `enableAnonymousUsers` - Defaults to true. Set to false to disable anonymous users.
+* `allowClientClassCreation` - Defaults to true. Set to false to disable client class creation.
 * `oauth` - Used to configure support for [3rd party authentication](https://github.com/ParsePlatform/parse-server/wiki/Parse-Server-Guide#oauth).
 * `maxUploadSize` - Defaults to 20mb. Max file size for uploads
 
diff --git a/src/RestQuery.js b/src/RestQuery.js
index 86562e9df1..b9385eb65d 100644
--- a/src/RestQuery.js
+++ b/src/RestQuery.js
@@ -165,7 +165,9 @@ RestQuery.prototype.redirectClassNameForKey = function() {
 
 // Validates this operation against the allowClientClassCreation config.
 RestQuery.prototype.validateClientClassCreation = function() {
-  if (this.config.allowClientClassCreation === false && !this.auth.isMaster) {
+  let sysClass = ['_User', '_Installation', '_Role', '_Session', '_Product'];
+  if (this.config.allowClientClassCreation === false && !this.auth.isMaster
+      && sysClass.indexOf(this.className) === -1) {
     return this.config.database.loadSchema().then((schema) => {
       return schema.hasClass(this.className)
     }).then((hasClass) => {
diff --git a/src/RestWrite.js b/src/RestWrite.js
index 4922f71d58..fbb3c63021 100644
--- a/src/RestWrite.js
+++ b/src/RestWrite.js
@@ -109,7 +109,9 @@ RestWrite.prototype.getUserAndRoleACL = function() {
 
 // Validates this operation against the allowClientClassCreation config.
 RestWrite.prototype.validateClientClassCreation = function() {
-  if (this.config.allowClientClassCreation === false && !this.auth.isMaster) {
+  let sysClass = ['_User', '_Installation', '_Role', '_Session', '_Product'];
+  if (this.config.allowClientClassCreation === false && !this.auth.isMaster
+      && sysClass.indexOf(this.className) === -1) {
     return this.config.database.loadSchema().then((schema) => {
       return schema.hasClass(this.className)
     }).then((hasClass) => {