diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 94639c5bd65..79a1cfd7682 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -372,14 +372,21 @@ class UsersController < ApplicationController
         user_id: user.id
       }
     else
+      errors = user.errors.to_hash
+      errors[:email] = errors.delete(:primary_email) if errors[:primary_email]
+
       render json: {
         success: false,
         message: I18n.t(
           'login.errors',
           errors: user.errors.full_messages.join("\n")
         ),
-        errors: user.errors.to_hash,
-        values: user.attributes.slice('name', 'username', 'email'),
+        errors: errors,
+        values: {
+          name: user.name,
+          username: user.username,
+          email: user.primary_email&.email
+        },
         is_developer: UsernameCheckerService.is_developer?(user.email)
       }
     end
diff --git a/app/models/user.rb b/app/models/user.rb
index 4e164817fb4..9cd270f83eb 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -83,7 +83,7 @@ class User < ActiveRecord::Base
   validates :name, user_full_name: true, if: :name_changed?, length: { maximum: 255 }
   validates :ip_address, allowed_ip_address: { on: :create, message: :signup_not_allowed }
   validates :primary_email, presence: true
-  validates_associated :primary_email
+  validates_associated :primary_email, message: -> (_, user_email) { user_email[:value]&.errors[:email]&.first }
 
   after_initialize :add_trust_level
 
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index a539da748fd..c8d1ecbc84a 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -621,7 +621,7 @@ describe Admin::UsersController do
 
       xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
       expect(response.status).to eq(403)
-      expect(JSON.parse(response.body)["message"]).to include("Primary email is invalid")
+      expect(JSON.parse(response.body)["message"]).to include("Primary email can't be blank")
     end
   end
 end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 066290194e7..20065603191 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -584,7 +584,9 @@ describe User do
 
     it 'whitelist should reject some emails based on the email_domains_whitelist site setting' do
       SiteSetting.email_domains_whitelist = 'vaynermedia.com'
-      expect(Fabricate.build(:user, email: 'notgood@mailinator.com')).not_to be_valid
+      user = Fabricate.build(:user, email: 'notgood@mailinator.com')
+      expect(user).not_to be_valid
+      expect(user.errors.messages[:primary_email]).to include(I18n.t('user.email.not_allowed'))
       expect(Fabricate.build(:user, email: 'sbauch@vaynermedia.com')).to be_valid
     end