diff --git a/src/octoprint/plugin/types.py b/src/octoprint/plugin/types.py
index d49571e7..6349781c 100644
--- a/src/octoprint/plugin/types.py
+++ b/src/octoprint/plugin/types.py
@@ -469,7 +469,6 @@ class SimpleApiPlugin(OctoPrintPlugin):
 __plugin_implementation__ = MySimpleApiPlugin()
- Our plugin defines two commands, ``command1`` with no mandatory parameters and ``command2`` with one mandatory parameter ``some_parameter``.
@@ -520,6 +519,12 @@ class SimpleApiPlugin(OctoPrintPlugin):
 """
 return None
+ def is_api_adminonly(self):
+ """
+ Return True if the API is only available to users having the admin role.
+ """
+ return False
+
 def on_api_command(self, command, data):
 """
 Called by OctoPrint upon a POST request to ``/api/plugin/``. ``command`` will contain one of
diff --git a/src/octoprint/server/api/__init__.py b/src/octoprint/server/api/__init__.py
index 431d8346..056319bb 100644
--- a/src/octoprint/server/api/__init__.py
+++ b/src/octoprint/server/api/__init__.py
@@ -56,6 +56,9 @@ def pluginData(name):
 return make_response("More than one api provider registered for {name}, can't proceed".format(name=name), 500)
 api_plugin = api_plugins[0]
+ if api_plugin.is_api_adminonly() and not current_user.is_admin():
+ return make_response("Forbidden", 403)
+
 response = api_plugin.on_api_get(request)
 if response is not None:
@@ -80,6 +83,9 @@ def pluginCommand(name):
 if valid_commands is None:
 return make_response("Method not allowed", 405)
+ if api_plugin.is_api_adminonly() and not current_user.is_admin():
+ return make_response("Forbidden", 403)
+
 command, data, response = get_json_command_from_request(request, valid_commands)
 if response is not None:
 return response
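Review bot: The docstring of the new `is_api_adminonly` hook in `SimpleApiPlugin` states only the meaning of True; it does not say what the default is or what the server does with the answer, which is exactly what a plugin author deciding whether to override it needs. I would extend it to: `Return True if the API is only available to users having the admin role. Defaults to False. When True, the server rejects requests to this plugin's API from non-admin users with a 403 before ``on_api_get`` or ``on_api_command`` is called.` The 403 behaviour is what the api/__init__.py hunks on this page implement, and since the hook is consulted on every request there, the docstring could also state that it is expected to be cheap and free of side effects. The enclosing class continues outside the hunk.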
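Review bot: In `pluginCommand`, and identically in `pluginData`, the new guard calls `current_user.is_admin()` without first establishing that the request is authenticated, so it relies on whatever object Flask-Login substitutes for an unauthenticated request also implementing `is_admin`; if the configured anonymous user lacks that method, an admin-only plugin endpoint raises on anonymous requests (an error response rather than a bypass, but noisy and easy to misread as a plugin bug). If that guarantee is not deliberate, make the check fail closed explicitly, e.g. `if api_plugin.is_api_adminonly() and not (current_user.is_authenticated and current_user.is_admin()):` (whether `is_authenticated` is a property or a method depends on the Flask-Login version in use, so match the project's existing calls). Placing the check before `get_json_command_from_request` in `pluginCommand` is the right order, since the body of an unauthorized request is never parsed. The same three lines appear verbatim in both functions; a small private helper would keep them from drifting apart when the rule changes. Both functions extend beyond their hunks.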