"Static websites are all the rage. We still need dynamic elements though - it's rare to have an app that's purely static. From contact forms to image galleries, we can add dynamic functionality and get additional content to render to the page through the use of APIs. However, when it comes to sensitive information, securing your APIs becomes trickier when your application runs in the browser. In this talk, we'll look at the process of going from a simple implementation of a static site to one that allows user authentication to provide access to protected content and functionality."