diff --git a/src/JobsJobsJobs/Api/Api.fsproj b/src/JobsJobsJobs/Api/Api.fsproj
index 07a33ea..c9f6dd6 100644
--- a/src/JobsJobsJobs/Api/Api.fsproj
+++ b/src/JobsJobsJobs/Api/Api.fsproj
@@ -16,9 +16,14 @@
   <ItemGroup>
     <ProjectReference Include="..\Domain\Domain.fsproj" />
   </ItemGroup>
+
+  <ItemGroup>
+    <Folder Include=".\wwwroot" />
+  </ItemGroup>
   
   <ItemGroup>
     <PackageReference Include="Giraffe" Version="5.0.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="5.0.8" />
     <PackageReference Include="Microsoft.FSharpLu.Json" Version="0.11.7" />
     <PackageReference Include="NodaTime.Serialization.JsonNet" Version="3.0.0" />
     <PackageReference Include="Polly" Version="7.2.2" />
diff --git a/src/JobsJobsJobs/Api/App.fs b/src/JobsJobsJobs/Api/App.fs
index 5c6cf25..c88a7f8 100644
--- a/src/JobsJobsJobs/Api/App.fs
+++ b/src/JobsJobsJobs/Api/App.fs
@@ -15,14 +15,19 @@ let configureApp (app : IApplicationBuilder) =
     .UseCors(fun p -> p.AllowAnyOrigin().AllowAnyHeader() |> ignore)
     .UseStaticFiles()
     .UseRouting()
+    .UseAuthentication()
+    .UseAuthorization()
     .UseEndpoints(fun e ->
         e.MapGiraffeEndpoints Handlers.allEndpoints
         e.MapFallbackToFile "index.html" |> ignore)
   |> ignore
 
 open NodaTime
+open Microsoft.AspNetCore.Authentication.JwtBearer
 open Microsoft.Extensions.Configuration
 open Microsoft.Extensions.Logging
+open Microsoft.IdentityModel.Tokens
+open System.Text
 
 /// Configure dependency injection
 let configureServices (svc : IServiceCollection) =
@@ -30,12 +35,31 @@ let configureServices (svc : IServiceCollection) =
   svc.AddSingleton<IClock> SystemClock.Instance |> ignore
   svc.AddLogging ()                             |> ignore
   svc.AddCors ()                                |> ignore
-  let svcs = svc.BuildServiceProvider()
-  let cfg  = svcs.GetRequiredService<IConfiguration>().GetSection "Rethink"
-  let log  = svcs.GetRequiredService<ILoggerFactory>().CreateLogger (nameof Data.Startup)
-  let conn = Data.Startup.createConnection cfg log
+  
+  let svcs = svc.BuildServiceProvider ()
+  let cfg  = svcs.GetRequiredService<IConfiguration> ()
+  
+  svc.AddAuthentication(fun o ->
+      o.DefaultAuthenticateScheme <- JwtBearerDefaults.AuthenticationScheme
+      o.DefaultChallengeScheme    <- JwtBearerDefaults.AuthenticationScheme
+      o.DefaultScheme             <- JwtBearerDefaults.AuthenticationScheme)
+    .AddJwtBearer(fun o ->
+        o.RequireHttpsMetadata      <- false
+        o.TokenValidationParameters <- TokenValidationParameters (
+          ValidateIssuer   = true,
+          ValidateAudience = true,
+          ValidAudience    = "https://noagendacareers.com",
+          ValidIssuer      = "https://noagendacareers.com",
+          IssuerSigningKey = SymmetricSecurityKey (
+            Encoding.UTF8.GetBytes (cfg.GetSection("Auth").["ServerSecret"]))))
+    |> ignore
+  svc.AddAuthorization () |> ignore
+
+  let dbCfg = cfg.GetSection "Rethink"
+  let log   = svcs.GetRequiredService<ILoggerFactory>().CreateLogger (nameof Data.Startup)
+  let conn  = Data.Startup.createConnection dbCfg log
   svc.AddSingleton conn |> ignore
-  Data.Startup.establishEnvironment cfg log conn |> Data.awaitIgnore
+  Data.Startup.establishEnvironment dbCfg log conn |> Data.awaitIgnore
 
 [<EntryPoint>]
 let main _ =
diff --git a/src/JobsJobsJobs/App/package.json b/src/JobsJobsJobs/App/package.json
index fbba9a8..9021f43 100644
--- a/src/JobsJobsJobs/App/package.json
+++ b/src/JobsJobsJobs/App/package.json
@@ -1,11 +1,12 @@
 {
   "name": "jobs-jobs-jobs",
-  "version": "0.1.0",
+  "version": "1.0.1",
   "private": true,
   "scripts": {
     "serve": "vue-cli-service serve",
     "build": "vue-cli-service build --mode development",
-    "lint": "vue-cli-service lint"
+    "lint": "vue-cli-service lint",
+    "apiserve": "vue-cli-service build --mode development && cd ../Api && dotnet run -c Debug"
   },
   "dependencies": {
     "@mdi/font": "5.9.55",