| UI or UX | UI + UX - Authorization and access-boundary state | UI + UX - Recoverable failure surface | UI + UX - Resolved no-data content surface | UI + UX - Blocked action anti-pattern |
| UI guidance | Show the blocked object or action, current account, permission level, required role, owner, and request path when revealing that information is allowed. | Render a persistent error region near the affected content with a specific failure heading, plain-language cause, preserved context, and recovery actions. | Render a resolved no-data region with a specific heading, cause text, one primary action when available, optional secondary path, and restrained illustration or icon support. | Replace a lone greyed-out action with visible requirement text, a checklist, permission message, or enabled validation submit that tells users what blocks progress. |
| UX guidance | Use permission denied state when the system knows the user is authenticated but their role, group, share, license, policy, or approval status blocks a specific object or action. | Help users recover when expected loading, saving, validation, sync, permission, or computation fails without losing their work. | Help users distinguish legitimate absence from loading, no-results, error, permission, and setup conditions before offering a next step. | Help users understand whether the block is missing input, invalid data, permission, quota, dependency, safety policy, or temporary processing. |
| Good UI | A report page says Quarterly revenue report requires Finance viewer access, shows the current account, names the report owner, and offers Request access and Switch account. | Reports could not load appears in the report section with the saved filter, Retry, Use cached data, and Contact support actions. | No projects yet heading, short explanation, Create project primary button, Import CSV secondary button, and visible workspace context. | Create workspace is paired with visible requirements: enter a workspace name, accept billing terms, and request owner access. |
| Bad UI | A denial page says Something went wrong and shows Retry even though the user lacks a required group. | Tiny transient toast for a blocking failure. | A blank white table body with no text, object name, or action. | Create workspace is greyed out with no nearby text, checklist, or request-access route. |
| Good UX | A user opens a restricted report, sees which account is signed in, requests viewer access with a reason, then sees that the request is pending with the owner. | User input and filter context are preserved after failure, and retry returns to recovered content or a clear still-failed state. | Users can create the first project, import existing work, or request access depending on the actual cause. | Users can satisfy requirements one by one and see the action become available, or submit and receive actionable validation. |
| Bad UX | The app returns a blank screen for a restricted file, so the user cannot tell whether the file is gone, private, or opened with the wrong account. | Clearing work after save failure. | The same empty message appears for loading, search no-results, permission denial, and service failure. | Users change random fields because the unavailable action never states the missing condition. |
| Best fit | A signed-in user lacks permission to view, edit, publish, export, delete, approve, share, administer, or configure a resource. | A system or task failure blocks expected content or action. | The product area can legitimately contain no user data. | Use this anti-pattern entry to audit disabled submit, continue, create, save, delete, publish, invite, export, payment, and setup actions. |
| Avoid when | The user is not signed in and the next step is authentication rather than authorization. | Nothing exists yet and the state is expected. | The absence was caused by filters or search. | The action remains available and returns actionable validation after activation. |
| Required state | Whole-object access denied state. | Normal expected state before failure. | First-use empty state before any objects exist. | Unavailable action state with visible reason and affected requirement. |
| Accessibility burden | Use a heading that identifies the access boundary and a text description that does not rely on lock icons or red color alone. | Use appropriate alert or status semantics for newly appearing critical errors. | Keep the message in normal reading order near the empty region it explains. | Do not make the only explanation unreachable because the control is disabled, skipped by focus, or hidden behind hover. |
| Common misuse | Treating authorization denial as a generic retryable error. | Using a transient toast for critical errors. | Showing a blank page with no explanation. | Greying out Continue until every field is valid without showing the missing or invalid answers. |