diff --git a/ui/tests/acceptance/jobs-list-test.js b/ui/tests/acceptance/jobs-list-test.js
index 8433cdffd..c1cbaadbe 100644
--- a/ui/tests/acceptance/jobs-list-test.js
+++ b/ui/tests/acceptance/jobs-list-test.js
@@ -139,3 +139,23 @@ test('when the namespace query param is set, only matching jobs are shown and th
     assert.equal(find('.job-row td').textContent, job2.name, 'The correct job is shown');
   });
 });
+
+test('when accessing jobs is forbidden, show a message with a link to the tokens page', function(
+  assert
+) {
+  server.pretender.get('/v1/jobs', () => [403, {}, null]);
+
+  visit('/jobs');
+
+  andThen(() => {
+    assert.equal(find('.empty-message-headline').textContent, 'Not Authorized');
+  });
+
+  andThen(() => {
+    click('.empty-message-body a');
+  });
+
+  andThen(() => {
+    assert.equal(currentURL(), '/settings/tokens');
+  });
+});
diff --git a/ui/tests/acceptance/nodes-list-test.js b/ui/tests/acceptance/nodes-list-test.js
index 23e1b10ed..ca5c75a78 100644
--- a/ui/tests/acceptance/nodes-list-test.js
+++ b/ui/tests/acceptance/nodes-list-test.js
@@ -104,6 +104,28 @@ test('when there are clients, but no matches for a search term, there is an empt
   });
 });
 
+test('when accessing clients is forbidden, show a message with a link to the tokens page', function(
+  assert
+) {
+  server.create('agent');
+  server.create('node', { name: 'node' });
+  server.pretender.get('/v1/nodes', () => [403, {}, null]);
+
+  visit('/nodes');
+
+  andThen(() => {
+    assert.equal(find('.empty-message-headline').textContent, 'Not Authorized');
+  });
+
+  andThen(() => {
+    click('.empty-message-body a');
+  });
+
+  andThen(() => {
+    assert.equal(currentURL(), '/settings/tokens');
+  });
+});
+
 test('/servers should list all servers', function(assert) {
   const agentsCount = 10;
   const pageSize = 8;
@@ -191,3 +213,24 @@ test('when the API returns no agents, show an empty message', function(assert) {
     assert.equal(find('.empty-message-headline').textContent, 'Invalid Permissions');
   });
 });
+
+test('when accessing servers is forbidden, show a message with a link to the tokens page', function(
+  assert
+) {
+  server.create('agent');
+  server.pretender.get('/v1/agent/members', () => [403, {}, null]);
+
+  visit('/servers');
+
+  andThen(() => {
+    assert.equal(find('.empty-message-headline').textContent, 'Not Authorized');
+  });
+
+  andThen(() => {
+    click('.empty-message-body a');
+  });
+
+  andThen(() => {
+    assert.equal(currentURL(), '/settings/tokens');
+  });
+});