diff --git a/common/models/user.js b/common/models/user.js
index 58411b42..eb2b9247 100644
--- a/common/models/user.js
+++ b/common/models/user.js
@@ -346,6 +346,9 @@ module.exports = function(User) {
 };

 User.observe('before delete', function(ctx, next) {
+ // Do nothing when the access control was disabled for this user model.
+ if (!ctx.Model.relations.accessTokens) return next();
+
 var AccessToken = ctx.Model.relations.accessTokens.modelTo;
 var pkName = ctx.Model.definition.idName() || 'id';
 ctx.Model.find({where: ctx.where, fields: [pkName]}, function(err, list) {
diff --git a/test/user.test.js b/test/user.test.js
index fb77175c..de7841bc 100644
--- a/test/user.test.js
+++ b/test/user.test.js
@@ -299,6 +299,23 @@ describe('User', function() {
 });
 });

+ it('skips token invalidation when the relation is not configured', () => {
+ const app = loopback({localRegistry: true, loadBuiltinModels: true});
+ app.dataSource('db', {connector: 'memory'});
+
+ const PrivateUser = app.registry.createModel({
+ name: 'PrivateUser',
+ base: 'User',
+ // Speed up the password hashing algorithm for tests
+ saltWorkFactor: 4,
+ });
+ app.model(PrivateUser, {dataSource: 'db'});
+
+ return PrivateUser.create({email: 'private@example.com', password: 'pass'})
+ .then(u => PrivateUser.deleteById(u.id));
+ // the test passed when the operation did not crash
+ });
+
 it('invalidates the user\'s accessToken when the user is deleted all', function(done) {
 var userIds = [];
 var users;
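Review bot: In common/models/user.js the new guard at the top of the 'before delete' observer returns silently when `ctx.Model.relations.accessTokens` is missing, so nothing records that token invalidation was skipped for the deleted users. The added comment equates a missing relation with access control being disabled, which the condition itself does not establish; if a subclass stores tokens through some other path, those tokens would presumably stay valid after the delete. I would reword the comment to `// No accessTokens relation on this model, so there is nothing to invalidate here; tokens kept through any other path are NOT revoked on delete.` and, if a debug logger is already in scope in this file, log the model name when the branch is taken. The observer body continues outside the hunk.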
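Review bot: In test/user.test.js the new test 'skips token invalidation when the relation is not configured' contains no assertion, so it would still pass if `deleteById` resolved without removing the user. The trailing comment after the `return` chain states the intent but checks nothing. Chaining a check on the outcome would pin both that the delete did not crash and that it actually happened, for example `.then(() => PrivateUser.count()).then(n => assert.equal(n, 0));`, assuming an assertion helper is already available in this file. The enclosing `describe('User', ...)` block starts and ends outside the hunk.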