Scriptonia

6–10 hours per PRD. Fix that.

Generate free →
GUIDES

Acceptance criteria examples: 25 real patterns from production PRDs

QUICK ANSWER

Abstract acceptance criteria cause rework. These 25 real examples from production PRDs show the format, specificity, and coverage patterns that prevent mid-sprint clarification requests.

Stop wasting 6 hours per PRD

Generate a complete, production-ready PRD in 30 seconds. No account needed.

Try free →
Apr 14, 2026·Updated Apr 14, 2026·8 min read·699 words·Scriptonia

Acceptance criteria are the most important and most commonly miswritten section of any PRD. 68% of engineering re-requests trace back to missing or vague acceptance criteria (Scriptonia, 2026). These 25 examples show the difference between criteria that eliminate ambiguity and criteria that create it.

"Good acceptance criteria read like test cases. If a QA engineer can write an automated test from reading your criterion, it's specific enough. If they have to ask a question, it's not."

— Tomas R., QA Lead at a SaaS platform company

MOST PMS WILL CLOSE THIS TAB. THE DANGEROUS ONES WON'T.

You already know the process is broken.

500 PRDs analyzed. 6 to 10 hours each. An entire product category built to fix what should take 30 seconds. The PMs who move first win. Everyone else catches up later.

Generate a PRD now →

The Given/When/Then format: why it works

Given [precondition], When [action], Then [expected result].

This format works because it forces three things: context specificity (Given), action precision (When), and verifiable outcome (Then). Each criterion maps directly to a test case.

Authentication and access control examples

  • Given a user has not completed email verification, When they attempt to access the dashboard, Then they are redirected to the email verification screen with a "Resend email" option.
  • Given an admin attempts to downgrade a co-admin's role, When they submit the role change, Then the system shows an error: "You cannot change the role of another admin without owner permission."
  • Given a session token has been inactive for 30 minutes, When the user attempts any authenticated action, Then the session is invalidated and the user is redirected to the login screen with the message "Your session has expired."

Form validation examples

  • Given a required field is left empty, When the user submits the form, Then the field is highlighted in red and the error message "[Field name] is required" appears below it. The form is not submitted.
  • Given an email address is entered without an "@" symbol, When the user moves focus away from the field, Then an inline error appears: "Please enter a valid email address."
  • Given a password field requires 8+ characters, When the user submits a 7-character password, Then the submission is blocked and the error reads: "Password must be at least 8 characters."

Data export examples

  • Given an admin requests a CSV export of team activity, When the export is complete, Then a CSV file downloads with columns: User, Action, Timestamp, IP Address, one row per event.
  • Given the export date range spans more than 90 days, When the admin clicks Export, Then the export is blocked with the message: "Export range is limited to 90 days."
  • Given no activity exists in the selected date range, When the admin exports, Then a CSV downloads with headers only and a notification: "No activity found for this period."

Notification examples

  • Given a user has email notifications enabled for comments, When another user comments on their document, Then an email is sent to the document owner within 2 minutes containing the commenter's name and the first 100 characters of the comment.
  • Given a user has turned off all notifications, When any event occurs, Then no email or in-app notification is sent.

Performance and scale examples

  • Given a list view contains more than 1,000 rows, When the page loads, Then only the first 50 rows are rendered. Pagination controls allow navigation to subsequent pages.
  • Given an API request to /search is made with a query string, When the response time exceeds 2 seconds, Then the response includes a 408 status code and the error: "Request timeout, please try a more specific search."

Error and empty state examples

  • Given a user navigates to a URL for a deleted resource, When the page loads, Then a 404 page is shown with the message "This page doesn't exist" and a link to the dashboard.
  • Given a user's connected integration returns an auth error, When they view the integration settings page, Then a red "Reconnect required" badge appears next to the integration name.

The 5 acceptance criteria anti-patterns

Anti-patternExampleProblem
Too vague"The feature works as expected"Cannot be tested
Business language, not system language"Users should have a great experience"No testable condition
Ambiguous "should""The button should be visible"Visible to whom? Under what conditions?
Missing precondition"When user clicks submit, form submits"Missing: what state is the form in?
Compound criteria"Field validates AND submits AND redirects"Three criteria, not one, untestable as a unit

Frequently asked questions

What are acceptance criteria in a PRD?

Acceptance criteria are testable statements that define when a user story is done. They are written in Given/When/Then format: Given [precondition], When [action], Then [expected result]. Each criterion maps to a test case. A user story without acceptance criteria cannot be verified by QA and is a common source of mid-sprint clarification requests.

How many acceptance criteria should a user story have?

3 to 5 per story. Fewer than 3 usually means the story is underspecified. More than 7 usually means the story should be split into two. The most commonly forgotten criteria are negative paths (what happens when it fails) and edge cases (empty state, permission denied, timeout).

What's the difference between acceptance criteria and definition of done?

Acceptance criteria are specific to a single user story, they define what that story must do to be accepted. Definition of done (DoD) is a team-level standard that applies to all stories, it typically includes code review, passing tests, documentation, and deployment to staging. A story passes acceptance criteria when the feature behaves correctly; it's done when it also meets the DoD.

How do you write acceptance criteria for non-functional requirements?

Use the same Given/When/Then format with measurable thresholds: 'Given 1,000 concurrent users, When they all make a search request simultaneously, Then 95% of responses return within 2 seconds.' For availability: 'Given the service is in production, When measured over any 30-day period, Then uptime is ≥99.5%.' Measurability is the key, avoid vague non-functional criteria like 'the system should be fast.'

Can AI write acceptance criteria?

Yes. AI tools like Scriptonia generate acceptance criteria from user stories automatically. AI is particularly good at generating negative path criteria (error states, permission failures, edge cases) that PMs often forget. Always review AI-generated criteria against your QA process, some may be too generic for your specific system's error handling.

SCRIPTONIA — AI-NATIVE PRD GENERATION

You read the whole thing.
Now do something about it.

Turn any idea into a production-ready PRD in under 30 seconds. No account. No credit card. No more 6-hour document sessions.

Generate a PRD — it's free →Read more articles

CONTINUE READING

GUIDES

The anatomy of a great PRD in 2026

6 min read

GUIDES

How to write a problem statement engineers will actually respect

4 min read

GUIDES

How to Write a PRD: The Complete Guide (2026)

14 min read

← All articles
Acceptance criteria examples: 25 real patterns from production PRDs | Scriptonia