diff --git a/src/applications/files/controller/PhabricatorFileDataController.php b/src/applications/files/controller/PhabricatorFileDataController.php
--- a/src/applications/files/controller/PhabricatorFileDataController.php
+++ b/src/applications/files/controller/PhabricatorFileDataController.php
@@ -10,6 +10,10 @@
     return false;
   }
 
+  public function shouldAllowPartialSessions() {
+    return true;
+  }
+
   public function handleRequest(AphrontRequest $request) {
     $viewer = $request->getViewer();
     $this->phid = $request->getURIData('phid');
diff --git a/src/applications/people/engineextension/PeopleMainMenuBarExtension.php b/src/applications/people/engineextension/PeopleMainMenuBarExtension.php
--- a/src/applications/people/engineextension/PeopleMainMenuBarExtension.php
+++ b/src/applications/people/engineextension/PeopleMainMenuBarExtension.php
@@ -9,6 +9,10 @@
     return $viewer->isLoggedIn();
   }
 
+  public function shouldAllowPartialSessions() {
+    return true;
+  }
+
   public function getExtensionOrder() {
     return 1200;
   }
@@ -65,42 +69,44 @@
     $view = id(new PhabricatorActionListView())
       ->setViewer($viewer);
 
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->appendChild($user_view));
-
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->setType(PhabricatorActionView::TYPE_DIVIDER));
-
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->setName(pht('Profile'))
-        ->setHref('/p/'.$viewer->getUsername().'/'));
-
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->setName(pht('Settings'))
-        ->setHref('/settings/user/'.$viewer->getUsername().'/'));
-
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->setName(pht('Manage'))
-        ->setHref('/people/manage/'.$viewer->getID().'/'));
-
-    if ($application) {
-      $help_links = $application->getHelpMenuItems($viewer);
-      if ($help_links) {
-        foreach ($help_links as $link) {
-          $view->addAction($link);
+    if ($this->getIsFullSession()) {
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->appendChild($user_view));
+
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->setType(PhabricatorActionView::TYPE_DIVIDER));
+
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->setName(pht('Profile'))
+          ->setHref('/p/'.$viewer->getUsername().'/'));
+
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->setName(pht('Settings'))
+          ->setHref('/settings/user/'.$viewer->getUsername().'/'));
+
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->setName(pht('Manage'))
+          ->setHref('/people/manage/'.$viewer->getID().'/'));
+
+      if ($application) {
+        $help_links = $application->getHelpMenuItems($viewer);
+        if ($help_links) {
+          foreach ($help_links as $link) {
+            $view->addAction($link);
+          }
         }
       }
-    }
 
-    $view->addAction(
-      id(new PhabricatorActionView())
-        ->addSigil('logout-item')
-        ->setType(PhabricatorActionView::TYPE_DIVIDER));
+      $view->addAction(
+        id(new PhabricatorActionView())
+          ->addSigil('logout-item')
+          ->setType(PhabricatorActionView::TYPE_DIVIDER));
+    }
 
     $view->addAction(
       id(new PhabricatorActionView())
diff --git a/src/view/page/menu/PhabricatorMainMenuBarExtension.php b/src/view/page/menu/PhabricatorMainMenuBarExtension.php
--- a/src/view/page/menu/PhabricatorMainMenuBarExtension.php
+++ b/src/view/page/menu/PhabricatorMainMenuBarExtension.php
@@ -5,6 +5,7 @@
   private $viewer;
   private $application;
   private $controller;
+  private $isFullSession;
 
   public function setViewer(PhabricatorUser $viewer) {
     $this->viewer = $viewer;
@@ -33,6 +34,15 @@
     return $this->controller;
   }
 
+  public function setIsFullSession($is_full_session) {
+    $this->isFullSession = $is_full_session;
+    return $this;
+  }
+
+  public function getIsFullSession() {
+    return $this->isFullSession;
+  }
+
   final public function getExtensionKey() {
     return $this->getPhobjectClassConstant('MAINMENUBARKEY');
   }
@@ -41,6 +51,10 @@
     return true;
   }
 
+  public function shouldAllowPartialSessions() {
+    return false;
+  }
+
   public function isExtensionEnabledForViewer(PhabricatorUser $viewer) {
     if (!$viewer->isLoggedIn()) {
       return false;
diff --git a/src/view/page/menu/PhabricatorMainMenuView.php b/src/view/page/menu/PhabricatorMainMenuView.php
--- a/src/view/page/menu/PhabricatorMainMenuView.php
+++ b/src/view/page/menu/PhabricatorMainMenuView.php
@@ -46,7 +46,9 @@
     $app_button = '';
     $aural = null;
 
-    if ($viewer->isLoggedIn() && $viewer->isUserActivated()) {
+    $is_full = $this->isFullSession($viewer);
+
+    if ($is_full) {
       list($menu, $dropdowns, $aural) = $this->renderNotificationMenu();
       if (array_filter($menu)) {
         $alerts[] = $menu;
@@ -54,14 +56,18 @@
       $menu_bar = array_merge($menu_bar, $dropdowns);
       $app_button = $this->renderApplicationMenuButton();
       $search_button = $this->renderSearchMenuButton($header_id);
-    } else {
+    } else if (!$viewer->isLoggedIn()) {
       $app_button = $this->renderApplicationMenuButton();
       if (PhabricatorEnv::getEnvConfig('policy.allow-public')) {
         $search_button = $this->renderSearchMenuButton($header_id);
       }
     }
 
-    $search_menu = $this->renderPhabricatorSearchMenu();
+    if ($search_button) {
+      $search_menu = $this->renderPhabricatorSearchMenu();
+    } else {
+      $search_menu = null;
+    }
 
     if ($alerts) {
       $alerts = javelin_tag(
@@ -84,7 +90,9 @@
 
     $extensions = PhabricatorMainMenuBarExtension::getAllEnabledExtensions();
     foreach ($extensions as $extension) {
-      $extension->setViewer($viewer);
+      $extension
+        ->setViewer($viewer)
+        ->setIsFullSession($is_full);
 
       $controller = $this->getController();
       if ($controller) {
@@ -96,6 +104,14 @@
       }
     }
 
+    if (!$is_full) {
+      foreach ($extensions as $key => $extension) {
+        if (!$extension->shouldAllowPartialSessions()) {
+          unset($extensions[$key]);
+        }
+      }
+    }
+
     foreach ($extensions as $key => $extension) {
       if (!$extension->isExtensionEnabledForViewer($extension->getViewer())) {
         unset($extensions[$key]);
@@ -677,4 +693,38 @@
     );
   }
 
+  private function isFullSession(PhabricatorUser $viewer) {
+    if (!$viewer->isLoggedIn()) {
+      return false;
+    }
+
+    if (!$viewer->isUserActivated()) {
+      return false;
+    }
+
+    if (!$viewer->hasSession()) {
+      return false;
+    }
+
+    $session = $viewer->getSession();
+    if ($session->getIsPartial()) {
+      return false;
+    }
+
+    if (!$session->getSignedLegalpadDocuments()) {
+      return false;
+    }
+
+    $mfa_key = 'security.require-multi-factor-auth';
+    $need_mfa = PhabricatorEnv::getEnvConfig($mfa_key);
+    if ($need_mfa) {
+      $have_mfa = $viewer->getIsEnrolledInMultiFactor();
+      if (!$have_mfa) {
+        return false;
+      }
+    }
+
+    return true;
+  }
+
 }