diff --git a/passbook/core/templates/base/skeleton.html b/passbook/core/templates/base/skeleton.html
index 216d0168c..7896471c8 100644
--- a/passbook/core/templates/base/skeleton.html
+++ b/passbook/core/templates/base/skeleton.html
@@ -14,6 +14,8 @@
     <link rel="icon" type="image/png" href="{% static 'img/logo.png' %}">
     <link rel="stylesheet" type="text/css" href="{% static 'css/patternfly.min.css' %}">
     <link rel="stylesheet" type="text/css" href="{% static 'css/patternfly-additions.min.css' %}">
+    {% block head %}
+    {% endblock %}
   </head>
   <body {% if is_login %} class="login-pf" {% endif %}>
     {% block body %}
@@ -24,4 +26,4 @@
     {% block scripts %}
     {% endblock %}
   </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/passbook/core/templates/login/loading.html b/passbook/core/templates/login/loading.html
new file mode 100644
index 000000000..f9b1e548e
--- /dev/null
+++ b/passbook/core/templates/login/loading.html
@@ -0,0 +1,24 @@
+{% extends 'login/base.html' %}
+
+{% load static %}
+{% load i18n %}
+{% load utils %}
+
+{% block title %}
+{% title title %}
+{% endblock %}
+
+{% block head %}
+<meta http-equiv="refresh" content="0; url={{ target_url }}" />
+{% endblock %}
+
+{% block card %}
+<header class="login-pf-header">
+  <h1>{% trans title %}</h1>
+</header>
+<form>
+  <div class="form-group">
+    <div class="spinner spinner-lg"></div>
+  </div>
+</form>
+{% endblock %}
diff --git a/passbook/core/views/utils.py b/passbook/core/views/utils.py
new file mode 100644
index 000000000..a9de23541
--- /dev/null
+++ b/passbook/core/views/utils.py
@@ -0,0 +1,22 @@
+"""passbook core utils view"""
+
+from django.utils.translation import ugettext as _
+from django.views.generic import TemplateView
+
+
+class LoadingView(TemplateView):
+    """View showing a loading template, and forwarding to real view using html forwarding."""
+
+    template_name = 'login/loading.html'
+    title = _('Loading')
+    target_url = None
+
+    def get_url(self):
+        """Return URL template will redirect to"""
+        return self.target_url
+
+    def get_context_data(self, **kwargs):
+        kwargs['is_login'] = True
+        kwargs['title'] = self.title
+        kwargs['target_url'] = self.get_url()
+        return super().get_context_data(**kwargs)
diff --git a/passbook/oauth_provider/templates/oauth2_provider/authorize.html b/passbook/oauth_provider/templates/oauth2_provider/authorize.html
index 790dcbd6f..9378f76ae 100644
--- a/passbook/oauth_provider/templates/oauth2_provider/authorize.html
+++ b/passbook/oauth_provider/templates/oauth2_provider/authorize.html
@@ -42,9 +42,12 @@
                 <a href="{% url 'passbook_core:auth-logout' %}">{% trans 'Logout' %}</a>
             </p>
             <div class="form-group">
-                <input type="submit" class="btn btn-success btn-lg" name="allow" value="{% trans 'Continue' %}">
+                <input type="submit" class="btn btn-success btn-disabled btn-lg click-spinner" name="allow" value="{% trans 'Continue' %}">
                 <a href="{% back %}" class="btn btn-default btn-lg">{% trans "Cancel" %}</a>
             </div>
+            <div class="form-group spinner-hidden hidden">
+                <div class="spinner"></div>
+            </div>
         </div>
     {% else %}
     <div class="login-group">
@@ -56,3 +59,12 @@
     {% endif %}
 </form>
 {% endblock %}
+
+{% block scripts %}
+<script>
+    $('.click-spinner').on('click', function (e) {
+        $('.spinner-hidden').removeClass('hidden');
+        $(e.target).addClass('disabled');
+    })
+</script>
+{% endblock %}
diff --git a/passbook/oauth_provider/urls.py b/passbook/oauth_provider/urls.py
index 374055349..ebb5d160c 100644
--- a/passbook/oauth_provider/urls.py
+++ b/passbook/oauth_provider/urls.py
@@ -6,7 +6,10 @@ from passbook.oauth_provider.views import oauth2
 
 urlpatterns = [
     # Custom OAuth 2 Authorize View
-    path('authorize/', oauth2.PassbookAuthorizationView.as_view(), name="oauth2-authorize"),
+    path('authorize/', oauth2.PassbookAuthorizationLoadingView.as_view(),
+         name="oauth2-authorize"),
+    path('authorize/permission_ok/', oauth2.PassbookAuthorizationView.as_view(),
+         name="oauth2-ok-authorize"),
     # OAuth API
     path('', include('oauth2_provider.urls', namespace='oauth2_provider')),
 ]
diff --git a/passbook/oauth_provider/views/oauth2.py b/passbook/oauth_provider/views/oauth2.py
index 611db920b..e2e6584e4 100644
--- a/passbook/oauth_provider/views/oauth2.py
+++ b/passbook/oauth_provider/views/oauth2.py
@@ -1,17 +1,28 @@
 """passbook OAuth2 Views"""
-
 from logging import getLogger
+from urllib.parse import urlencode
 
 from django.http import Http404
-from django.shortcuts import get_object_or_404
+from django.shortcuts import get_object_or_404, reverse
+from django.utils.translation import ugettext as _
 from oauth2_provider.views.base import AuthorizationView
 
 from passbook.core.views.access import AccessMixin
+from passbook.core.views.utils import LoadingView
 from passbook.oauth_provider.models import OAuth2Provider
 
 LOGGER = getLogger(__name__)
 
 
+class PassbookAuthorizationLoadingView(LoadingView):
+    """Show loading view for permission checks"""
+
+    title = _('Checking permissions...')
+
+    def get_url(self):
+        querystring = urlencode(self.request.GET)
+        return reverse('passbook_oauth_provider:oauth2-ok-authorize')+'?'+querystring
+
 class PassbookAuthorizationView(AccessMixin, AuthorizationView):
     """Custom OAuth2 Authorization View which checks rules, etc"""
 
@@ -31,7 +42,10 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
         if not self.user_has_access(self._application, request.user):
             # TODO: Create a general error class for access denied
             raise Http404
-        return super().dispatch(request, *args, **kwargs)
+        actual_response = super().dispatch(request, *args, **kwargs)
+        if actual_response.status_code == 400:
+            LOGGER.debug(request.GET.get('redirect_uri'))
+        return actual_response
 
     def render_to_response(self, context, **kwargs):
         # Always set is_login to true for correct css class