diff --git a/config-sample.json b/config-sample.json
index 4c5fcc774f388da0a88e321a1a844b1d8b254570..825f83972228cc3535417dc38bc782fd424aa52d 100644
--- a/config-sample.json
+++ b/config-sample.json
@@ -1,4 +1,5 @@
 {
+  "command_user"  : "",
   "wp_endpoint"   : "",
   "wp_username"   : "",
   "wp_password"   : "",
diff --git a/index.js b/index.js
index 59190bb1177beb043bfbe8e129495e8b1e4744c4..06134c8e6c8c894183c44474f5ac40a4db3966ab 100644
--- a/index.js
+++ b/index.js
@@ -31,6 +31,16 @@ app.post( '/log', function( req, res ) {
 		return res.sendStatus( 400 );
 	}
 
+	// Limit who can trigger the command
+	if ( 'undefined' === typeof req.body.user_name || config.command_user !== req.body.user_name ) {
+		var response = {
+			"response_type": "ephemeral",
+			"text": "Sorry, you can't record completed tasks."
+		};
+
+		return res.send( response );
+	}
+
 	// Massage the title
 	var title = req.body.text;
 	title = striptags( title, [] );
@@ -58,7 +68,7 @@ app.post( '/log', function( req, res ) {
 			"text": "**Entry recorded (**ID #" + resp.id + ", <" + resp.link + ">**)**\n" + resp.title.rendered
 		};
 
-		res.send( response);
+		res.send( response );
 	} );
 } );