diff --git a/lib/ash/authorizer.ex b/lib/ash/authorizer.ex
index 314e70ab..634d85a3 100644
--- a/lib/ash/authorizer.ex
+++ b/lib/ash/authorizer.ex
@@ -36,7 +36,11 @@ defmodule Ash.Authorizer do
     if function_exported?(module, :exception, 2) do
       module.exception(reason, state)
     else
-      Ash.Error.Forbidden.exception([])
+      if reason == :must_pass_strict_check do
+        Ash.Error.Forbidden.MustPassStrictCheck.exception([])
+      else
+        Ash.Error.Forbidden.exception([])
+      end
     end
   end
 
diff --git a/lib/ash/engine/request.ex b/lib/ash/engine/request.ex
index cf81b9af..fe9298f0 100644
--- a/lib/ash/engine/request.ex
+++ b/lib/ash/engine/request.ex
@@ -38,7 +38,6 @@ defmodule Ash.Engine.Request do
   @type t :: %__MODULE__{}
 
   alias Ash.Authorizer
-  alias Ash.Error.Forbidden.MustPassStrictCheck
   alias Ash.Error.Invalid.{DuplicatedPath, ImpossiblePath}
 
   require Ash.Query
@@ -504,6 +503,21 @@ defmodule Ash.Engine.Request do
           :authorized ->
             {:ok, set_authorizer_state(request, authorizer, :authorized), notifications, []}
 
+          {:filter, authorizer_state, filter} ->
+            request
+            |> set_authorizer_state(authorizer, authorizer_state)
+            |> apply_filter(authorizer, filter, true)
+            |> case do
+              {:ok, request} ->
+                {:ok, request, notifications, []}
+
+              {:ok, request, new_notifications, deps} ->
+                {:ok, request, new_notifications ++ notifications, deps}
+
+              other ->
+                other
+            end
+
           {:filter, filter} ->
             request
             |> apply_filter(authorizer, filter, true)
@@ -518,8 +532,13 @@ defmodule Ash.Engine.Request do
                 other
             end
 
-          {:filter_and_continue, _, _} when strict_check_only? ->
-            {:error, MustPassStrictCheck.exception(resource: request.resource)}
+          {:filter_and_continue, _, authorizer_state} when strict_check_only? ->
+            {:error,
+             Authorizer.exception(
+               authorizer,
+               :must_pass_strict_check,
+               authorizer_state
+             )}
 
           {:filter_and_continue, filter, new_authorizer_state} ->
             request
@@ -536,8 +555,13 @@ defmodule Ash.Engine.Request do
                 other
             end
 
-          {:continue, _} when strict_check_only? ->
-            {:error, MustPassStrictCheck.exception(resource: request.resource)}
+          {:continue, authorizer_state} when strict_check_only? ->
+            {:error,
+             Authorizer.exception(
+               authorizer,
+               :must_pass_strict_check,
+               authorizer_state
+             )}
 
           {:continue, authorizer_state} ->
             {:ok, set_authorizer_state(request, authorizer, authorizer_state), notifications, []}
diff --git a/lib/ash/error/forbidden/must_pass_strict_check.ex b/lib/ash/error/forbidden/must_pass_strict_check.ex
index d7e1dcf0..3e263d1c 100644
--- a/lib/ash/error/forbidden/must_pass_strict_check.ex
+++ b/lib/ash/error/forbidden/must_pass_strict_check.ex
@@ -2,15 +2,15 @@ defmodule Ash.Error.Forbidden.MustPassStrictCheck do
   @moduledoc "Used when unreachable code/conditions are reached in the framework"
   use Ash.Error.Exception
 
-  def_ash_error([:resource], class: :forbidden)
+  def_ash_error([], class: :forbidden)
 
   defimpl Ash.ErrorKind do
     def id(_), do: Ash.UUID.generate()
 
     def code(_), do: "must_pass_strict_check"
 
-    def message(%{resource: resource}) do
-      "A request against #{inspect(resource)} was required to pass strict check, but it did not"
+    def message(_) do
+      "The request was required to pass strict check, but it did not"
     end
   end
 end