diff --git a/synapse/api/auth.py b/synapse/api/auth.py
index 739f77afd4f2f90cf3614f2401fe2e6cfd26cc9c..5e3ea5b8c57e2cd7313dca2a5c56ea5cf286cf0a 100644
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -259,6 +259,9 @@ class Auth(object):
             raise AuthError(403, "Unrecognised access token.",
                             errcode=Codes.UNKNOWN_TOKEN)
 
+    def is_server_admin(self, user):
+        return self.store.is_server_admin(user)
+
     @defer.inlineCallbacks
     @log_function
     def _can_send_event(self, event):
diff --git a/synapse/storage/registration.py b/synapse/storage/registration.py
index db20b1daa08b2dedc15aaf338b9d939cc62e8a9d..f32b000cb6577ed79b7c834017fce7cc63c10896 100644
--- a/synapse/storage/registration.py
+++ b/synapse/storage/registration.py
@@ -103,6 +103,14 @@ class RegistrationStore(SQLBaseStore):
                                                      token)
         defer.returnValue(user_id)
 
+    @defer.inlineCallbacks
+    def is_server_admin(self, user):
+        return self._simple_select_one_onecol(
+            table="users",
+            keyvalues={"name": user.to_string()},
+            retcol="admin",
+        )
+
     def _query_for_auth(self, txn, token):
         txn.execute("SELECT users.name FROM access_tokens LEFT JOIN users" +
                     " ON users.id = access_tokens.user_id WHERE token = ?",