diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java
index ded01854..21035e98 100644
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java
@@ -88,4 +88,13 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 		return modelAndView;
 	}
 	
+	@RequestMapping("/authz/refused")
+	public ModelAndView refused(){
+		ModelAndView modelAndView = new ModelAndView("authorize/authorize_refused");
+		Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
+		app.transIconBase64();
+		modelAndView.addObject("model", app);
+		return modelAndView;
+	}
+	
 }
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
index 748c706f..f289c890 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
@@ -139,6 +139,7 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
         		.addPathPatterns("/logon/oauth20/bind/**")
         		.addPathPatterns("/logout")
                 .addPathPatterns("/logout/**")
+                .addPathPatterns("/authz/refused")
                 ;
         
         _logger.debug("add Permission Interceptor");
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java
index 25ebf02b..f091c835 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java
@@ -114,7 +114,7 @@ public class SingleSignOnInterceptor  implements AsyncHandlerInterceptor {
 	            }
 	        }
 	        _logger.debug("preHandle not have authority access " + app);
-	        return false;
+	        response.sendRedirect(request.getContextPath()+"/authz/refused");
     	}
         return true;
     }
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message.properties
index aec1f483..26f9b1bf 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message.properties
@@ -17,6 +17,9 @@ login.session.timeout.tip=\u767B\u5F55\u4F1A\u8BDD\u8D85\u65F6
 login.session.timeout.prefix=\u60A8\u7684\u767B\u5F55\u4F1A\u8BDD\u5DF2\u7ECF\u8D85\u65F6\uFF0C\u8BF7
 login.session.timeout.suffix=\u91CD\u65B0\u767B\u5F55
 
+login.authz.refuse=\u4F60\u6CA1\u6709\u6743\u9650\u8BBF\u95EE\u8BE5\u5E94\u7528\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u3002
+common.text.close=\u5173\u95ED
+
 common.window.title=\u7A97\u53E3
 common.alert.title=\u63D0\u793A\u4FE1\u606F
 common.alert.closeText=\u5173\u95ED
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_en.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
index 2e20bdf6..ecc4fa34 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_en.properties
@@ -17,6 +17,9 @@ login.session.timeout.tip=Login session timeout
 login.session.timeout.prefix=Your login session has timed out. Please
 login.session.timeout.suffix=re-login 
 
+login.authz.refuse=You don't have authority to access this app, please contact the administrator.
+common.text.close=Close
+
 common.window.title=Window
 common.alert.title=Information
 common.alert.closeText=Close
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties
index d69052c4..703ac6c9 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/messages/message_zh_CN.properties
@@ -17,6 +17,9 @@ login.session.timeout.tip=\u767B\u5F55\u4F1A\u8BDD\u8D85\u65F6
 login.session.timeout.prefix=\u60A8\u7684\u767B\u5F55\u4F1A\u8BDD\u5DF2\u7ECF\u8D85\u65F6\uFF0C\u8BF7
 login.session.timeout.suffix=\u91CD\u65B0\u767B\u5F55
 
+login.authz.refuse=\u4F60\u6CA1\u6709\u6743\u9650\u8BBF\u95EE\u8BE5\u5E94\u7528\uFF0C\u8BF7\u8054\u7CFB\u7BA1\u7406\u5458\u3002
+common.text.close=\u5173\u95ED
+
 common.window.title=\u7A97\u53E3
 common.alert.title=\u63D0\u793A\u4FE1\u606F
 common.alert.closeText=\u5173\u95ED
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl b/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl
new file mode 100644
index 00000000..1b136f65
--- /dev/null
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html >
+<head>
+    <title>Refuse To Access</title>
+    <#include  "authorize_common.ftl">
+</head>
+
+<body>
+<center>
+    <form id="refuse_form" name="refuse_form" action="" method="get">
+    
+		<table style="width:400px">
+			<tr>
+				<td colspan='2'><@locale code="login.authz.refuse" /></td>
+			</tr>
+			<tr>
+				<td><img src="${model.iconBase64}"/></td><td>${model.appName}</td>
+			</tr>
+			<tr style="display:none">
+				<td>${model.id}</td>
+			</tr>
+		</table>
+	</form>
+</center>
+</body>
+</html>