diff --git a/src/Group/Command/CreateGroupHandler.php b/src/Group/Command/CreateGroupHandler.php
index d1e22fe35..0efd8fc8a 100644
--- a/src/Group/Command/CreateGroupHandler.php
+++ b/src/Group/Command/CreateGroupHandler.php
@@ -47,6 +47,7 @@ class CreateGroupHandler
 $actor = $command->actor;
 $data = $command->data;
+ $this->assertRegistered($actor);
 $this->assertCan($actor, 'createGroup');
 $group = Group::build(
diff --git a/src/User/AssertPermissionTrait.php b/src/User/AssertPermissionTrait.php
index b51207bb1..c9657aa22 100644
--- a/src/User/AssertPermissionTrait.php
+++ b/src/User/AssertPermissionTrait.php
@@ -53,28 +53,17 @@ trait AssertPermissionTrait
 * @param User $actor
 * @param string $ability
 * @param mixed $arguments
- * @throws NotAuthenticatedException
 * @throws PermissionDeniedException
 */
 protected function assertCan(User $actor, $ability, $arguments = [])
 {
- // Identify whether guest or user has the permission.
- $can = $actor->can($ability, $arguments);
-
- // For non-authenticated users, we throw a different exception to signal
- // that logging in may help.
- if (! $can) {
- $this->assertRegistered($actor);
- }
-
- // If we're logged in, then we need to communicate that the current
- // account simply does not have enough permissions.
- $this->assertPermission($can);
+ $this->assertPermission(
+ $actor->can($ability, $arguments)
+ );
 }
 /**
 * @param User $actor
- * @throws NotAuthenticatedException
 * @throws PermissionDeniedException
 */
 protected function assertAdmin(User $actor)
diff --git a/src/User/Command/RegisterUserHandler.php b/src/User/Command/RegisterUserHandler.php
index 6925a86fa..2ece57920 100644
--- a/src/User/Command/RegisterUserHandler.php
+++ b/src/User/Command/RegisterUserHandler.php
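Review bot: The added `$this->assertRegistered($actor);` in CreateGroupHandler has no comment saying why it sits in front of `assertCan()`, and after this commit the guest check is no longer implied by `assertCan()` itself (see the AssertPermissionTrait hunk). A one-line comment such as `// Guests must fail with NotAuthenticatedException here; assertCan() only throws PermissionDeniedException.` would keep a later cleanup from removing the call as redundant. No test in this diff exercises group creation as a guest, so nothing visible here pins that behaviour. The handler method begins and ends outside the hunk.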
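Review bot: `assertCan()` no longer calls `assertRegistered()` when the check fails, so every caller that relied on it to tell guests apart from under-privileged accounts now gets only PermissionDeniedException. In this diff only CreateGroupHandler adds the explicit guest check, and the ListTest hunk changing an expected 401 to 403 looks like the same effect on an untouched caller. The authorization decision still goes through `$actor->can()`, so this appears to change signalling rather than access, but callers outside this diff should be audited for handlers or API clients that key on the old exception. The docblock should state the new contract, e.g. `Does not distinguish guests from registered users; call assertRegistered() first when that matters.` The `@throws NotAuthenticatedException` removal on `assertAdmin()` cannot be verified here because its body is outside the hunk.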
@@ -72,7 +72,7 @@ class RegisterUserHandler
 $data = $command->data;
 if (! $this->settings->get('allow_sign_up')) {
- $this->assertPermission($actor->can('administrate'));
+ $this->assertAdmin($actor);
 }
 $password = Arr::get($data, 'attributes.password');
diff --git a/tests/integration/api/users/ListTest.php b/tests/integration/api/users/ListTest.php
index dcef4a702..4aff4e5da 100644
--- a/tests/integration/api/users/ListTest.php
+++ b/tests/integration/api/users/ListTest.php
@@ -48,7 +48,7 @@ class ListTest extends TestCase
 $this->request('GET', '/api/users')
 );
- $this->assertEquals(401, $response->getStatusCode());
+ $this->assertEquals(403, $response->getStatusCode());
 }
 /**
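Review bot: Replacing `assertPermission($actor->can('administrate'))` with `assertAdmin($actor)` in RegisterUserHandler is only equivalent if `assertAdmin()` performs the same check, and its body is not visible in this diff. This branch is what gates account creation when `allow_sign_up` is off, so if `assertAdmin()` tests something other than the `administrate` ability (admin group membership, for instance), the set of actors allowed to register users changes. It is worth confirming against the trait and adding an integration test that both a guest and a non-admin user are rejected while sign-up is disabled. The handler method starts and ends outside the hunk.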