diff --git a/app/notify_client/service_api_client.py b/app/notify_client/service_api_client.py
index b6a689659..a9b855e0d 100644
--- a/app/notify_client/service_api_client.py
+++ b/app/notify_client/service_api_client.py
@@ -81,6 +81,21 @@ class ServiceAPIClient(NotificationsAPIClient):
         """
         Update a service.
         """
+        disallowed_attributes = set(kwargs.keys()) - {
+            'name',
+            'users',
+            'message_limit',
+            'active',
+            'restricted',
+            'email_from',
+            'reply_to_email_address',
+            'sms_sender'
+        }
+        if disallowed_attributes:
+            raise TypeError('Not allowed to update service attributes: {}'.format(
+                ", ".join(disallowed_attributes)
+            ))
+
         _attach_current_user(kwargs)
         endpoint = "/service/{0}".format(service_id)
         return self.post(endpoint, data)
diff --git a/tests/app/notify_client/test_service_api_client.py b/tests/app/notify_client/test_service_api_client.py
index 57557936e..95a6e8e50 100644
--- a/tests/app/notify_client/test_service_api_client.py
+++ b/tests/app/notify_client/test_service_api_client.py
@@ -37,3 +37,9 @@ def test_client_gets_service(mocker, function, params):
 
     function(client, 'foo')
     mock_get.assert_called_once_with('/service/foo', params=params)
+
+
+def test_client_only_updates_allowed_attributes(mocker):
+    with pytest.raises(TypeError) as error:
+        ServiceAPIClient().update_service('service_id', foo='bar')
+    assert str(error.value) == 'Not allowed to update service attributes: foo'