diff --git a/app/models/ability.rb b/app/models/ability.rb
index 5846c7fee..c3d4fb430 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -100,7 +100,7 @@ def initialize(user)
 can %i[read], Activity do |activity|
 activity.doi.findable? || activity.doi.provider_id == user.provider_id
 end
- elsif user.role_id == "client_admin" && user.client_id.present?
+ elsif user.role_id == "client_admin" && user.client_id.present? && user.client.is_active == "\x01"
 can %i[read], Provider
 can %i[read update read_contact_information], Client, symbol: user.client_id.upcase
 can %i[read], ClientPrefix, client_id: user.client_id
@@ -134,6 +134,17 @@ def initialize(user)
 can %i[read], Activity do |activity|
 activity.doi.findable? || activity.doi.client_id == user.client_id
 end
+ elsif user.role_id == "client_admin" && user.client_id.present?
+ can %i[read], Provider
+ can %i[read read_contact_information], Client, symbol: user.client_id.upcase
+ can %i[read], ClientPrefix, client_id: user.client_id
+ can %i[read], Doi, client_id: user.client_id
+ can %i[read], Doi
+ can %i[read], User
+ can %i[read], Phrase
+ can %i[read], Activity do |activity|
+ activity.doi.findable? || activity.doi.client_id == user.client_id
+ end
 elsif user.role_id == "client_user" && user.client_id.present?
 can %i[read], Provider
 can %i[read read_contact_information], Client, symbol: user.client_id.upcase
diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb
index e5ec1b7c1..950c94500 100644
--- a/spec/models/ability_spec.rb
+++ b/spec/models/ability_spec.rb
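Review bot: The guard added to the `client_admin` `elsif` in the first hunk of app/models/ability.rb calls `user.client.is_active` with no nil check, so a token whose `client_id` is set but resolves to no client record would raise inside `initialize` rather than fall through to a lower-privilege branch (how `user.client` is loaded is not visible here). Comparing against the raw byte `"\x01"` also ties the authorization decision to how the column is deserialized; if `is_active` ever comes back as `true` or `1`, every client admin silently drops to the read-only branch. At minimum use `user.client&.is_active == "\x01"`, and preferably move the encoding behind a predicate on the client model so the ability file only asks whether the client is active. `initialize` starts and ends outside the hunk.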
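Review bot: In the second hunk of app/models/ability.rb the fallback `client_admin` branch adds `can %i[read], Doi` directly after `can %i[read], Doi, client_id: user.client_id`; assuming CanCan's additive rule semantics, the unconditional rule makes the scoped one redundant and lets the admin of a deactivated client read any Doi the ability is checked against, and `can %i[read], User` is likewise unscoped. If the broad read is intended, drop the scoped line and say so in a comment; if not, remove the unconditional `can %i[read], Doi` and scope the User rule. The branch is reached only because the earlier `elsif` failed its `is_active` test, which is easy to break when branches are reordered, so it deserves a comment such as `# client_admin of an inactive client: read-only, must stay below the active branch`. Whether controllers filter Doi visibility separately is not visible in this diff.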
@@ -108,6 +108,49 @@ it { is_expected.to be_able_to(:destroy, doi) } end + context "when is a client admin inactive" do + let(:client) { create(:client, provider: provider, is_active: false) } + let(:token) do + User.generate_token( + role_id: "client_admin", + provider_id: provider.symbol.downcase, + client_id: client.symbol.downcase, + ) + end + + it { is_expected.to be_able_to(:read, user) } + it { is_expected.to be_able_to(:read, provider) } + + it { is_expected.not_to be_able_to(:create, provider) } + it { is_expected.not_to be_able_to(:update, provider) } + it { is_expected.not_to be_able_to(:destroy, provider) } + it { is_expected.not_to be_able_to(:read_billing_information, provider) } + it { is_expected.not_to be_able_to(:read_contact_information, provider) } + + it { is_expected.to be_able_to(:read, client) } + it { is_expected.not_to be_able_to(:create, client) } + it { is_expected.not_to be_able_to(:update, client) } + it { is_expected.not_to be_able_to(:destroy, client) } + it { is_expected.not_to be_able_to(:transfer, client) } + it { is_expected.to be_able_to(:read_contact_information, client) } + + it { is_expected.not_to be_able_to(:read, prefix) } + it { is_expected.not_to be_able_to(:create, prefix) } + it { is_expected.not_to be_able_to(:update, prefix) } + it { is_expected.not_to be_able_to(:destroy, prefix) } + + it { is_expected.to be_able_to(:read, client_prefix) } + it { is_expected.not_to be_able_to(:create, client_prefix) } + it { is_expected.not_to be_able_to(:update, client_prefix) } + it { is_expected.not_to be_able_to(:destroy, client_prefix) } + + it { is_expected.to be_able_to(:read, doi) } + it { is_expected.not_to be_able_to(:transfer, doi) } + it { is_expected.not_to be_able_to(:create, doi) } + it { is_expected.not_to be_able_to(:update, doi) } + it { is_expected.not_to be_able_to(:destroy, doi) } + end + context "when is a client user" do let(:token) do User.generate_token(
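Review bot: The new "client admin inactive" context appears to exercise only records tied to the admin's own `client`, so it does not pin the two edges that matter for the model change: a DOI or user belonging to a different client, and a token whose `client_id` has no matching client record. The `doi`, `user`, `prefix` and `client_prefix` subjects are defined outside the hunk, so their ownership is inferred here. Adding one expectation against a non-findable DOI of another client would document whether the unconditional `can %i[read], Doi` in the inactive branch is intended, and a case with an unknown `client_id` would show that ability construction does not raise.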