diff --git a/internal/services/gateway/command/org.go b/internal/services/gateway/command/org.go
index 367ba6a..5662d0a 100644
--- a/internal/services/gateway/command/org.go
+++ b/internal/services/gateway/command/org.go
@@ -32,7 +32,7 @@ func (c *CommandHandler) CreateOrg(ctx context.Context, req *CreateOrgRequest) (
 		return nil, util.NewErrBadRequest(errors.Errorf("organization name required"))
 	}
 	if !util.ValidateName(req.Name) {
-		return nil, errors.Errorf("invalid organization name %q", req.Name)
+		return nil, util.NewErrBadRequest(errors.Errorf("invalid organization name %q", req.Name))
 	}
 
 	org := &types.Organization{
diff --git a/internal/services/gateway/command/project.go b/internal/services/gateway/command/project.go
index 736078c..f1abc4f 100644
--- a/internal/services/gateway/command/project.go
+++ b/internal/services/gateway/command/project.go
@@ -37,7 +37,7 @@ type CreateProjectRequest struct {
 
 func (c *CommandHandler) CreateProject(ctx context.Context, req *CreateProjectRequest) (*types.Project, error) {
 	if !util.ValidateName(req.Name) {
-		return nil, errors.Errorf("invalid project name %q", req.Name)
+		return nil, util.NewErrBadRequest(errors.Errorf("invalid project name %q", req.Name))
 	}
 
 	user, _, err := c.configstoreClient.GetUser(ctx, req.CurrentUserID)
diff --git a/internal/services/gateway/command/projectgroup.go b/internal/services/gateway/command/projectgroup.go
index 3c697fa..c48f5ac 100644
--- a/internal/services/gateway/command/projectgroup.go
+++ b/internal/services/gateway/command/projectgroup.go
@@ -32,7 +32,7 @@ type CreateProjectGroupRequest struct {
 
 func (c *CommandHandler) CreateProjectGroup(ctx context.Context, req *CreateProjectGroupRequest) (*types.ProjectGroup, error) {
 	if !util.ValidateName(req.Name) {
-		return nil, errors.Errorf("invalid projectGroup name %q", req.Name)
+		return nil, util.NewErrBadRequest(errors.Errorf("invalid projectGroup name %q", req.Name))
 	}
 
 	user, _, err := c.configstoreClient.GetUser(ctx, req.CurrentUserID)
diff --git a/internal/services/gateway/command/user.go b/internal/services/gateway/command/user.go
index 08b1220..6414130 100644
--- a/internal/services/gateway/command/user.go
+++ b/internal/services/gateway/command/user.go
@@ -17,6 +17,7 @@ package command
 import (
 	"context"
 	"encoding/json"
+	"net/http"
 
 	gitsource "github.com/sorintlab/agola/internal/gitsources"
 	csapi "github.com/sorintlab/agola/internal/services/configstore/api"
@@ -37,7 +38,7 @@ func (c *CommandHandler) CreateUser(ctx context.Context, req *CreateUserRequest)
 		return nil, util.NewErrBadRequest(errors.Errorf("user name required"))
 	}
 	if !util.ValidateName(req.UserName) {
-		return nil, errors.Errorf("invalid user name %q", req.UserName)
+		return nil, util.NewErrBadRequest(errors.Errorf("invalid user name %q", req.UserName))
 	}
 
 	creq := &csapi.CreateUserRequest{
@@ -73,8 +74,11 @@ func (c *CommandHandler) CreateUserToken(ctx context.Context, req *CreateUserTok
 	}
 
 	userName := req.UserName
-	user, _, err := c.configstoreClient.GetUserByName(ctx, userName)
+	user, resp, err := c.configstoreClient.GetUserByName(ctx, userName)
 	if err != nil {
+		if resp != nil && resp.StatusCode == http.StatusNotFound {
+			return "", util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userID))
+		}
 		return "", errors.Wrapf(err, "failed to get user %q", userID)
 	}
 
@@ -109,8 +113,11 @@ type CreateUserLARequest struct {
 
 func (c *CommandHandler) CreateUserLA(ctx context.Context, req *CreateUserLARequest) (*types.LinkedAccount, error) {
 	userName := req.UserName
-	user, _, err := c.configstoreClient.GetUserByName(ctx, userName)
+	user, resp, err := c.configstoreClient.GetUserByName(ctx, userName)
 	if err != nil {
+		if resp != nil && resp.StatusCode == http.StatusNotFound {
+			return nil, util.NewErrBadRequest(errors.Errorf("user %q doesn't exist", userName))
+		}
 		return nil, errors.Wrapf(err, "failed to get user %q", userName)
 	}
 	rs, _, err := c.configstoreClient.GetRemoteSourceByName(ctx, req.RemoteSourceName)
@@ -127,7 +134,7 @@ func (c *CommandHandler) CreateUserLA(ctx context.Context, req *CreateUserLARequ
 	}
 	c.log.Infof("la: %s", util.Dump(la))
 	if la != nil {
-		return nil, errors.Errorf("user %q already have a linked account for remote source %q", userName, rs.Name)
+		return nil, util.NewErrBadRequest(errors.Errorf("user %q already have a linked account for remote source %q", userName, rs.Name))
 	}
 
 	accessToken, err := common.GetAccessToken(rs.AuthType, req.RemoteSourceUserAccessToken, req.RemoteSourceOauth2AccessToken)
@@ -179,7 +186,7 @@ func (c *CommandHandler) RegisterUser(ctx context.Context, req *RegisterUserRequ
 		return nil, util.NewErrBadRequest(errors.Errorf("user name required"))
 	}
 	if !util.ValidateName(req.UserName) {
-		return nil, errors.Errorf("invalid user name %q", req.UserName)
+		return nil, util.NewErrBadRequest(errors.Errorf("invalid user name %q", req.UserName))
 	}
 
 	rs, _, err := c.configstoreClient.GetRemoteSourceByName(ctx, req.RemoteSourceName)