diff --git a/agent/consul/internal_endpoint_test.go b/agent/consul/internal_endpoint_test.go
index f845da827f..9c96b3d7e0 100644
--- a/agent/consul/internal_endpoint_test.go
+++ b/agent/consul/internal_endpoint_test.go
@@ -1721,6 +1721,7 @@ func TestInternal_ServiceTopology(t *testing.T) {
 expectUp := map[string]structs.IntentionDecisionSummary{
 web.String(): {
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: false,
 ExternalSource: "nomad",
@@ -1749,6 +1750,7 @@ func TestInternal_ServiceTopology(t *testing.T) {
 expectDown := map[string]structs.IntentionDecisionSummary{
 api.String(): {
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: false,
 ExternalSource: "nomad",
@@ -1764,6 +1766,7 @@ func TestInternal_ServiceTopology(t *testing.T) {
 expectUp := map[string]structs.IntentionDecisionSummary{
 redis.String(): {
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: true,
 HasExact: true,
@@ -1791,6 +1794,7 @@ func TestInternal_ServiceTopology(t *testing.T) {
 expectDown := map[string]structs.IntentionDecisionSummary{
 web.String(): {
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: true,
 HasExact: true,
diff --git a/agent/consul/state/intention.go b/agent/consul/state/intention.go
index 418e3ee8d3..476889c187 100644
--- a/agent/consul/state/intention.go
+++ b/agent/consul/state/intention.go
@@ -750,10 +750,12 @@ func (s *Store) IntentionDecision(
 }
 }
- var resp structs.IntentionDecisionSummary
+ resp := structs.IntentionDecisionSummary{
+ DefaultAllow: defaultDecision == acl.Allow,
+ }
 if ixnMatch == nil {
 // No intention found, fall back to default
- resp.Allowed = defaultDecision == acl.Allow
+ resp.Allowed = resp.DefaultAllow
 return resp, nil
 }
diff --git a/agent/consul/state/intention_test.go b/agent/consul/state/intention_test.go
index 39d564b097..ffd5c96749 100644
--- a/agent/consul/state/intention_test.go
+++ b/agent/consul/state/intention_test.go
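Review bot: `DefaultAllow` is now set on every summary in agent/consul/state/intention.go, including the matched-intention path that follows the `ixnMatch == nil` return, but nothing in the hunk says so or says how the field relates to `Allowed`. I would add a comment above the literal, e.g. `// DefaultAllow mirrors the caller's default decision and is set whether or not an intention matches; Allowed remains the decision for this source/destination pair.` Any `defaultDecision` other than `acl.Allow` yields `false`, which is the fail-closed reading and worth keeping as is. The body of `IntentionDecision` starts and ends outside the hunk, so where `defaultDecision` originates cannot be checked from here.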
@@ -1774,7 +1774,10 @@ func TestStore_IntentionDecision(t *testing.T) {
 dst: "ditto",
 matchType: structs.IntentionMatchDestination,
 defaultDecision: acl.Deny,
- expect: structs.IntentionDecisionSummary{Allowed: false},
+ expect: structs.IntentionDecisionSummary{
+ Allowed: false,
+ DefaultAllow: false,
+ },
 },
 {
 name: "no matching intention and default allow",
@@ -1782,7 +1785,10 @@ func TestStore_IntentionDecision(t *testing.T) {
 dst: "ditto",
 matchType: structs.IntentionMatchDestination,
 defaultDecision: acl.Allow,
- expect: structs.IntentionDecisionSummary{Allowed: true},
+ expect: structs.IntentionDecisionSummary{
+ Allowed: true,
+ DefaultAllow: true,
+ },
 },
 {
 name: "denied with permissions",
diff --git a/agent/structs/intention.go b/agent/structs/intention.go
index 2b33ddad19..f5ef8ebb38 100644
--- a/agent/structs/intention.go
+++ b/agent/structs/intention.go
@@ -666,12 +666,14 @@ type IntentionQueryCheckResponse struct {
 // - Whether all actions are allowed
 // - Whether the matching intention has L7 permissions attached
 // - Whether the intention is managed by an external source like k8s
-// - Whether there is an exact, on-wildcard, intention referencing the two services
+// - Whether there is an exact, or wildcard, intention referencing the two services
+// - Whether ACLs are in DefaultAllow mode
 type IntentionDecisionSummary struct {
 Allowed bool
 HasPermissions bool
 ExternalSource string
 HasExact bool
+ DefaultAllow bool
 }
 // IntentionQueryExact holds the parameters for performing a lookup of an
diff --git a/agent/ui_endpoint_test.go b/agent/ui_endpoint_test.go
index 31638e8ba5..c7651144ed 100644
--- a/agent/ui_endpoint_test.go
+++ b/agent/ui_endpoint_test.go
@@ -1431,6 +1431,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: true,
 HasPermissions: false,
 HasExact: true,
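Review bot: Both updated cases in TestStore_IntentionDecision are the no-match path, so the table does not visibly pin `DefaultAllow` when an intention matches. Since no other case in the file changed, the matched cases presumably all run with `defaultDecision: acl.Deny` and pass on the zero value. A case with a deny intention and `defaultDecision: acl.Allow` that expects `Allowed: false, DefaultAllow: true` would catch a regression that ties the field to the match result. This applies to the hunk at -1782 as well; the table starts and ends outside both hunks.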
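Review bot: The comment fix on the `HasExact` bullet in agent/structs/intention.go probably changes its meaning: the removed `on-wildcard` reads like a typo for `non-wildcard`, and `exact, or wildcard` says the opposite of what a field named `HasExact` suggests, so I would write `// - Whether there is an exact, non-wildcard, intention referencing the two services` unless the author confirms otherwise. The new bullet `Whether ACLs are in DefaultAllow mode` is looser than the state store hunk, which sets the field from the `defaultDecision` argument; a field comment such as `// DefaultAllow is true when the default decision for unmatched traffic is allow; Allowed remains the decision for this pair.` would make that explicit. Because `false` is the zero value, a summary from a server that predates this field looks the same as default-deny, so consumers should not read `false` as proof of a default-deny mesh during a mixed-version upgrade (assuming this struct is returned over RPC, as the endpoint tests suggest).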
@@ -1474,6 +1475,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: true,
 HasPermissions: false,
 HasExact: true,
@@ -1493,6 +1495,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: false,
 ExternalSource: "nomad",
@@ -1542,6 +1545,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: true,
 HasExact: true,
@@ -1559,6 +1563,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: false,
 ExternalSource: "nomad",
@@ -1610,6 +1615,7 @@ func TestUIServiceTopology(t *testing.T) {
 EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
 },
 Intention: structs.IntentionDecisionSummary{
+ DefaultAllow: true,
 Allowed: false,
 HasPermissions: true,
 HasExact: true,