Next.js

Special Files: not-found, forbidden, unauthorized & global-error

28 min Lesson 63 of 80

Special Files: not-found, forbidden, unauthorized & global-error

This lesson expands the Next.js path with an advanced topic from the official Next.js documentation. The goal is not only to memorize an option or file name, but to understand its impact on rendering, caching, security, and deployment.

After this lesson you should be able to apply the topic in a real project, choose the right boundary for it, and explain it as a reviewable engineering decision.

Core Concepts

not-found.tsx
forbidden.tsx
unauthorized.tsx
error.tsx
global-error.tsx

Practical Example

// app/admin/page.tsx
import { forbidden } from 'next/navigation'

export default async function AdminPage() {
  const user = await requireUser()
  if (user.role !== 'admin') forbidden()
  return <AdminDashboard />
}

// app/admin/forbidden.tsx
export default function Forbidden() {
  return <h1>You do not have access to this admin area.</h1>
}

This lesson is aligned with these official Next.js documentation areas: Special file convention docs.

Why It Matters

In production applications, this topic affects page speed, data freshness, authorization clarity, and operational reliability after deployment.

Implementation Workflow

Decide whether the data is public or user-specific.
Choose the smallest part of the tree that needs this behavior.
Connect the example to a real route and add a small verification check.
Document the effect on caching and deployment.

Hands-on Practice

Add not-found and forbidden states to a protected project route and test both paths.

For private tenant resources, returning notFound may be safer than revealing that a forbidden resource exists.

Summary

Judge the implementation by how clear the decision is, whether the behavior is correct after build, and how easily it can be traced in production.