diff --git a/doc/permissions/permissions.md b/doc/permissions/permissions.md
index 29fe521b4d138d3177cad0c9e5b2d39a3a878a05..db22b7dbe56d08d9a43ecf06b69a94f98d622416 100644
--- a/doc/permissions/permissions.md
+++ b/doc/permissions/permissions.md
@@ -23,6 +23,7 @@ If a user is a GitLab administrator they receive all permissions.
 | Add tags                              |         |            | ✓           | ✓        | ✓      |
 | Write a wiki                          |         |            | ✓           | ✓        | ✓      |
 | Manage issue tracker                  |         |            | ✓           | ✓        | ✓      |
+| Manage labels                         |         |            | ✓           | ✓        | ✓      |
 | Create new milestones                 |         |            |             | ✓        | ✓      |
 | Add new team members                  |         |            |             | ✓        | ✓      |
 | Push to protected branches            |         |            |             | ✓        | ✓      |
diff --git a/lib/api/labels.rb b/lib/api/labels.rb
index c73a4dbe916b941588aec127c8b2b0694f10168a..d1684b2293cc89590e822f65374f9ce140e78915 100644
--- a/lib/api/labels.rb
+++ b/lib/api/labels.rb
@@ -24,6 +24,7 @@ module API
       # Example Request:
       #   POST /projects/:id/labels
       post ':id/labels' do
+        authorize! :admin_label, user_project
         required_attributes! [:name, :color]
 
         attrs = attributes_for_keys [:name, :color]
@@ -51,6 +52,7 @@ module API
       # Example Request:
       #   DELETE /projects/:id/labels
       delete ':id/labels' do
+        authorize! :admin_label, user_project
         required_attributes! [:name]
 
         label = user_project.find_label(params[:name])
@@ -71,6 +73,7 @@ module API
       # Example Request:
       #   PUT /projects/:id/labels
       put ':id/labels' do
+        authorize! :admin_label, user_project
         required_attributes! [:name]
 
         label = user_project.find_label(params[:name])