diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8118650..69154b1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 - Make webclient-to-object redirects work for remote profiles and posts.
 - Added webclient redirection rule for `/@username` routes.
+- Don't allow migration if user doesn't have identity proofs.
 
 ## [1.17.0] - 2023-03-15
 
diff --git a/src/mastodon_api/settings/views.rs b/src/mastodon_api/settings/views.rs
index 339b026..51f66f6 100644
--- a/src/mastodon_api/settings/views.rs
+++ b/src/mastodon_api/settings/views.rs
@@ -130,6 +130,9 @@ async fn move_followers(
 ) -> Result<HttpResponse, MastodonError> {
     let db_client = &mut **get_database_client(&db_pool).await?;
     let current_user = get_current_user(db_client, auth.token()).await?;
+    if current_user.profile.identity_proofs.inner().is_empty() {
+        return Err(ValidationError("identity proof is required").into());
+    };
     let instance = config.instance();
     if request_data.from_actor_id.starts_with(&instance.url()) {
         return Err(ValidationError("can't move from local actor").into());