diff --git a/packages/core/admin/server/services/permission/permissions-manager/sanitize.js b/packages/core/admin/server/services/permission/permissions-manager/sanitize.js
index 433f2e0b0c..01dd0d95e2 100644
--- a/packages/core/admin/server/services/permission/permissions-manager/sanitize.js
+++ b/packages/core/admin/server/services/permission/permissions-manager/sanitize.js
@@ -108,7 +108,7 @@ module.exports = ({ action, ability, model }) => {
   const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);
 
   const pickAllowedAdminUserFields = ({ attribute, key, value }, { set }) => {
-    if (attribute.type === 'relation' && attribute.target === 'admin::user') {
+    if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {
       if (Array.isArray(value)) {
         set(key, value.map(val => pick(['id', 'firstname', 'lastname', 'username'], val)), value);
       } else {