diff --git a/dataprovider/user.go b/dataprovider/user.go
index 155d65a2..122149a8 100644
--- a/dataprovider/user.go
+++ b/dataprovider/user.go
@@ -822,7 +822,7 @@ func (u *User) GetFsConfigAsJSON() ([]byte, error) {
 
 // GetUID returns a validate uid, suitable for use with os.Chown
 func (u *User) GetUID() int {
-	if u.UID <= 0 || u.UID > int(math.Pow(2, 31))-1 {
+	if u.UID <= 0 || u.UID > math.MaxInt32 {
 		return -1
 	}
 	return u.UID
@@ -830,7 +830,7 @@ func (u *User) GetUID() int {
 
 // GetGID returns a validate gid, suitable for use with os.Chown
 func (u *User) GetGID() int {
-	if u.GID <= 0 || u.GID > int(math.Pow(2, 31))-1 {
+	if u.GID <= 0 || u.GID > math.MaxInt32 {
 		return -1
 	}
 	return u.GID
diff --git a/httpd/httpd_test.go b/httpd/httpd_test.go
index d037d5aa..6e85abbe 100644
--- a/httpd/httpd_test.go
+++ b/httpd/httpd_test.go
@@ -7,6 +7,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"math"
 	"mime/multipart"
 	"net"
 	"net/http"
@@ -419,6 +420,19 @@ func TestUserStatus(t *testing.T) {
 	assert.NoError(t, err)
 }
 
+func TestUidGidLimits(t *testing.T) {
+	u := getTestUser()
+	u.UID = math.MaxInt32
+	u.GID = math.MaxInt32
+	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
+	assert.NoError(t, err)
+	assert.Equal(t, math.MaxInt32, user.GetUID())
+	assert.Equal(t, math.MaxInt32, user.GetGID())
+
+	_, err = httpdtest.RemoveUser(user, http.StatusOK)
+	assert.NoError(t, err)
+}
+
 func TestAddUserNoCredentials(t *testing.T) {
 	u := getTestUser()
 	u.Password = ""