diff --git a/view/who.go b/view/who.go
index b1f81b5..5a9c5bc 100644
--- a/view/who.go
+++ b/view/who.go
@@ -131,6 +131,10 @@ func whoPost(namespace string, g storage.Graph, w http.ResponseWriter, r *http.R
 	if err := json.NewDecoder(r.Body).Decode(&one); err != nil {
 		return err
 	}
+	if one.Name != "" && one.Name != id {
+		http.Error(w, `{"error":"names differ between URL and request body"}`, http.StatusBadRequest)
+		return nil
+	}
 	one.Name = id
 	if err := g.Insert(r.Context(), namespace, one); err != nil {
 		return err