diff --git a/authentik/core/urls.py b/authentik/core/urls.py
index c1aabab26..772fc0126 100644
--- a/authentik/core/urls.py
+++ b/authentik/core/urls.py
@@ -1,5 +1,4 @@
 """authentik URL Configuration"""
-from authentik.core.views.session import EndSessionView
 from django.contrib.auth.decorators import login_required
 from django.urls import path
 from django.views.decorators.csrf import ensure_csrf_cookie
@@ -8,6 +7,7 @@ from django.views.generic.base import TemplateView
 
 from authentik.core.views import impersonate
 from authentik.core.views.interface import FlowInterfaceView
+from authentik.core.views.session import EndSessionView
 
 urlpatterns = [
     path(
diff --git a/authentik/core/views/session.py b/authentik/core/views/session.py
index f726bc10f..864d9b8de 100644
--- a/authentik/core/views/session.py
+++ b/authentik/core/views/session.py
@@ -5,18 +5,20 @@ from django.shortcuts import get_object_or_404
 from django.views.generic.base import TemplateView
 
 from authentik.core.models import Application
+from authentik.policies.views import PolicyAccessView
 
 
-class EndSessionView(TemplateView):
+class EndSessionView(TemplateView, PolicyAccessView):
     """Allow the client to end the Session"""
 
     template_name = "if/end_session.html"
 
-    def get_context_data(self, **kwargs: Any) -> dict[str, Any]:
-        context = super().get_context_data(**kwargs)
-
-        context["application"] = get_object_or_404(
+    def resolve_provider_application(self):
+        self.application = get_object_or_404(
             Application, slug=self.kwargs["application_slug"]
         )
 
+    def get_context_data(self, **kwargs: Any) -> dict[str, Any]:
+        context = super().get_context_data(**kwargs)
+        context["application"] = self.application
         return context
diff --git a/authentik/policies/templates/policies/denied.html b/authentik/policies/templates/policies/denied.html
index 65565e7de..3c26e4f03 100644
--- a/authentik/policies/templates/policies/denied.html
+++ b/authentik/policies/templates/policies/denied.html
@@ -26,15 +26,17 @@
         </p>
         {% endif %}
         {% if policy_result %}
-        <hr>
-        <em>{% trans 'Messages:' %}</em>
-        <ul class="pf-c-list">
-            {% for message in policy_result.messages %}
-            <li>
-                {{ message }}
-            </li>
-            {% endfor %}
-        </ul>
+            <hr>
+            {% if policy_result.messages %}
+            <em>{% trans 'Messages:' %}</em>
+            <ul class="pf-c-list">
+                {% for message in policy_result.messages %}
+                <li>
+                    {{ message }}
+                </li>
+                {% endfor %}
+            </ul>
+            {% endif %}
             {% if policy_result.source_results %}
             <em>{% trans 'Explanation:' %}</em>
             <ul class="pf-c-list">