diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
index 1a2a015868..ba4fcdbf75 100755
--- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java
@@ -96,7 +96,12 @@ public class RealmManager {
     }
 
     public RealmModel createRealm(String id, String name) {
-        if (id == null) id = KeycloakModelUtils.generateId();
+        if (id == null) {
+            id = KeycloakModelUtils.generateId();
+        }
+        else {
+            ReservedCharValidator.validate(id);
+        }
         ReservedCharValidator.validate(name);
         RealmModel realm = model.createRealm(id, name);
         realm.setName(name);
@@ -502,6 +507,9 @@ public class RealmManager {
         if (id == null) {
             id = KeycloakModelUtils.generateId();
         }
+        else {
+            ReservedCharValidator.validate(id);
+        }
         RealmModel realm = model.createRealm(id, rep.getRealm());
         ReservedCharValidator.validate(rep.getRealm());
         realm.setName(rep.getRealm());
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/BadRealmTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/BadRealmTest.java
new file mode 100644
index 0000000000..76b1f963b4
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/BadRealmTest.java
@@ -0,0 +1,42 @@
+package org.keycloak.testsuite.model;
+
+import org.junit.Test;
+import org.keycloak.models.KeycloakSession;
+import org.keycloak.representations.idm.RealmRepresentation;
+import org.keycloak.services.managers.RealmManager;
+import org.keycloak.testsuite.AbstractKeycloakTest;
+import org.keycloak.testsuite.arquillian.annotation.ModelTest;
+import org.keycloak.utils.ReservedCharValidator;
+
+import java.util.List;
+
+import static org.junit.Assert.fail;
+
+public class BadRealmTest extends AbstractKeycloakTest {
+    private String name = "MyRealm";
+    private String id = "MyId";
+    private String script = "<script>alert(4)</script>";
+
+    public void addTestRealms(List<RealmRepresentation> testRealms) {
+    }
+
+    @Test
+    @ModelTest
+    public void testBadRealmName(KeycloakSession session) {
+        RealmManager manager = new RealmManager(session);
+        try {
+            manager.createRealm(id, name + script);
+            fail();
+        } catch (ReservedCharValidator.ReservedCharException ex) {}
+    }
+
+    @Test
+    @ModelTest
+    public void testBadRealmId(KeycloakSession session) {
+        RealmManager manager = new RealmManager(session);
+        try {
+            manager.createRealm(id + script, name);
+            fail();
+        } catch (ReservedCharValidator.ReservedCharException ex) {}
+    }
+}