diff --git a/application/single_app/functions_settings.py b/application/single_app/functions_settings.py
index 5fa59f12..d9f4aa73 100644
--- a/application/single_app/functions_settings.py
+++ b/application/single_app/functions_settings.py
@@ -258,6 +258,9 @@ def get_settings(use_cosmos=False):
         'max_file_size_mb': 150,
         'conversation_history_limit': 10,
         'default_system_prompt': '',
+        # Access denied message shown on the home page when a signed-in user lacks required roles
+        # Default is hard-coded; admins can override via Admin Settings (persisted in Cosmos DB)
+        'access_denied_message': 'You are logged in but do not have the required permissions to access this application.\nPlease contact an administrator for access.',
         'enable_file_processing_logs': True,
         'file_processing_logs_timer_enabled': False,
         'file_timer_value': 1,
diff --git a/application/single_app/route_frontend_admin_settings.py b/application/single_app/route_frontend_admin_settings.py
index ae361984..f06f3c25 100644
--- a/application/single_app/route_frontend_admin_settings.py
+++ b/application/single_app/route_frontend_admin_settings.py
@@ -862,6 +862,7 @@ def is_valid_url(url):
                 'max_file_size_mb': max_file_size_mb,
                 'conversation_history_limit': conversation_history_limit,
                 'default_system_prompt': form_data.get('default_system_prompt', '').strip(),
+                'access_denied_message': form_data.get('access_denied_message', '').strip(),
 
                 # Video file settings with Azure Video Indexer Settings
                 'video_indexer_endpoint': form_data.get('video_indexer_endpoint', video_indexer_endpoint).strip(),
diff --git a/application/single_app/templates/admin_settings.html b/application/single_app/templates/admin_settings.html
index 70edcc45..d7139484 100644
--- a/application/single_app/templates/admin_settings.html
+++ b/application/single_app/templates/admin_settings.html
@@ -1427,6 +1427,11 @@ <h5>
                         <label for="default_system_prompt" class="form-label">Default System Prompt</label>
                         <textarea class="form-control" id="default_system_prompt" name="default_system_prompt"
                             rows="5">{{ settings.default_system_prompt }}</textarea>
+
+                        <div class="mt-3"></div>
+                        <label for="access_denied_message" class="form-label">Access Denied Message</label>
+                        <textarea class="form-control" id="access_denied_message" name="access_denied_message"
+                            rows="3" placeholder="Shown to signed-in users without required roles">{{ settings.access_denied_message }}</textarea>
                     </div>
                 </div>
             </div>
diff --git a/application/single_app/templates/index.html b/application/single_app/templates/index.html
index 7a146e0d..c5c747a1 100644
--- a/application/single_app/templates/index.html
+++ b/application/single_app/templates/index.html
@@ -62,8 +62,7 @@
     {% else %}
         {% if session.get('user') %}
             <p class="lead">
-                You are logged in but do not have the required permissions to access this application.
-                Please submit a ticket to request access.
+                {{ (app_settings.access_denied_message or 'You are logged in but do not have the required permissions to access this application. Please submit a ticket to request access.') | e | replace('\n','<br>') | safe }}
             </p>
         {% else %}
             <div>