diff --git a/goosebit/ui/bff/routes.py b/goosebit/ui/bff/routes.py
index fa29e9ec..1e2d2985 100644
--- a/goosebit/ui/bff/routes.py
+++ b/goosebit/ui/bff/routes.py
@@ -1,10 +1,12 @@
 from __future__ import annotations
 
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends
+
+from goosebit.auth import validate_current_user
 
 from . import devices, download, rollouts, software
 
-router = APIRouter(prefix="/bff", tags=["bff"])
+router = APIRouter(prefix="/bff", tags=["bff"], dependencies=[Depends(validate_current_user)])
 router.include_router(devices.router)
 router.include_router(software.router)
 router.include_router(rollouts.router)
diff --git a/goosebit/ui/routes.py b/goosebit/ui/routes.py
index 33c394fd..18011f47 100644
--- a/goosebit/ui/routes.py
+++ b/goosebit/ui/routes.py
@@ -11,18 +11,18 @@
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")
 
-router = APIRouter(prefix="/ui", dependencies=[Depends(redirect_if_unauthenticated)], include_in_schema=False)
+router = APIRouter(prefix="/ui", include_in_schema=False)
 router.include_router(bff.router)
 
 
-@router.get("")
+@router.get("", dependencies=[Depends(redirect_if_unauthenticated)])
 async def ui_root(request: Request):
     return RedirectResponse(request.url_for("devices_ui"))
 
 
 @router.get(
     "/devices",
-    dependencies=[Security(validate_user_permissions, scopes=["device.read"])],
+    dependencies=[Depends(redirect_if_unauthenticated), Security(validate_user_permissions, scopes=["device.read"])],
 )
 @nav.route("Devices", permissions="device.read")
 async def devices_ui(request: Request):
@@ -31,7 +31,7 @@ async def devices_ui(request: Request):
 
 @router.get(
     "/software",
-    dependencies=[Security(validate_user_permissions, scopes=["software.read"])],
+    dependencies=[Depends(redirect_if_unauthenticated), Security(validate_user_permissions, scopes=["software.read"])],
 )
 @nav.route("Software", permissions="software.read")
 async def software_ui(request: Request):
@@ -40,7 +40,7 @@ async def software_ui(request: Request):
 
 @router.get(
     "/rollouts",
-    dependencies=[Security(validate_user_permissions, scopes=["rollout.read"])],
+    dependencies=[Depends(redirect_if_unauthenticated), Security(validate_user_permissions, scopes=["rollout.read"])],
 )
 @nav.route("Rollouts", permissions="rollout.read")
 async def rollouts_ui(request: Request):
@@ -49,7 +49,7 @@ async def rollouts_ui(request: Request):
 
 @router.get(
     "/logs/{dev_id}",
-    dependencies=[Security(validate_user_permissions, scopes=["device.read"])],
+    dependencies=[Depends(redirect_if_unauthenticated), Security(validate_user_permissions, scopes=["device.read"])],
 )
 async def logs_ui(request: Request, dev_id: str):
     return templates.TemplateResponse(request, "logs.html.jinja", context={"title": "Log", "device": dev_id})
diff --git a/goosebit/ui/templates/nav.html.jinja b/goosebit/ui/templates/nav.html.jinja
index 93933a5e..875ddb9e 100644
--- a/goosebit/ui/templates/nav.html.jinja
+++ b/goosebit/ui/templates/nav.html.jinja
@@ -60,7 +60,18 @@
                 box-shadow: none!important;
             }
         </style>
-        <script>const TABLE_UPDATE_TIME = 3000;</script>
+        <script>
+            const TABLE_UPDATE_TIME = 3000;
+            DataTable.ext.errMode = function ( e, settings, helpPage, message ) {
+                if (e.jqXHR.status == 401) {
+                    window.location.reload();
+                } else if (e.jqXHR.status >= 200 && e.jqXHR.status < 300) {
+                    console.error("AJAX query error when reloading datatable");
+                }
+                console.error("Unknown error when reloading datatable");
+            };
+
+        </script>
         <script src="{{ url_for('static', path='js/util.js') }}"></script>
     </head>
     <body data-bs-theme="dark">