diff --git a/client/src/components/Sidebar/Sidebar.js b/client/src/components/Sidebar/Sidebar.js
index d093443..c76f6dd 100644
--- a/client/src/components/Sidebar/Sidebar.js
+++ b/client/src/components/Sidebar/Sidebar.js
@@ -6,6 +6,7 @@ import axios from 'axios';
 
 const Sidebar = props => {
   const email = localStorage.getItem('email');
+  const authToken = localStorage.getItem('authToken');
   const [friends, setFriends] = useState([]);
   const [approveInvite, setApproveInvite] = useState('');
   const [pendingRequests, setPendingRequests] = useState([]);
@@ -23,7 +24,7 @@ const Sidebar = props => {
 
     if(action === 'approve') {
       const approvedRes = await axios.put(`http://localhost:3001/invitations/user/${email}/approve`, 
-                                      {  'from_email': fromEmail });
+                                      {  'from_email': fromEmail }, {headers: { Authorization: authToken}});
       if(approvedRes.data.approved && approvedRes.data.from_user_email === fromEmail){
         setApproveInvite(`${fromEmail} is now your friend`);
         loadFriends();
@@ -31,7 +32,7 @@ const Sidebar = props => {
     }
     else if(action === 'reject') {
       const rejectedRes = await axios.put(`http://localhost:3001/invitations/user/${email}/reject`, 
-                                      {  'from_email': fromEmail });
+                                      {  'from_email': fromEmail }, {headers: { Authorization: authToken}});
       if(rejectedRes.data.rejected){
         setApproveInvite(`You have declined ${fromEmail}'s request`);
       }
@@ -41,7 +42,7 @@ const Sidebar = props => {
   }
 
   const loadPendingRequests = async() => {
-    const res = await axios.get(`http://localhost:3001/invitations/user/requests/${email}`);
+    const res = await axios.get(`http://localhost:3001/invitations/user/requests/${email}`, {headers: { Authorization: authToken}});
     if(res.data.invitations && res.data.invitations.length !== 0){
      setPendingRequests(res.data.invitations);
     }
@@ -51,7 +52,7 @@ const Sidebar = props => {
   }
 
   const loadPendingInvites = async() => {
-    const res = await axios.get(`http://localhost:3001/invitations/user/${email}`);
+    const res = await axios.get(`http://localhost:3001/invitations/user/${email}`, {headers: { Authorization: authToken}});
     if(res.data.invitations && res.data.invitations.length !== 0){
      setPendingInvites(res.data.invitations);
     }
@@ -61,7 +62,7 @@ const Sidebar = props => {
   }
 
   const loadFriends = async() => {
-    const res = await axios.get(`http://localhost:3001/invitations/user/${email}/contacts`);
+    const res = await axios.get(`http://localhost:3001/invitations/user/${email}/contacts`, {headers: { Authorization: authToken}});
     if(res.data.contacts.length !== 0){
      setFriends(res.data.contacts);
     }
diff --git a/server/app.js b/server/app.js
index 42417c7..2b8032e 100644
--- a/server/app.js
+++ b/server/app.js
@@ -38,7 +38,7 @@ require("./controllers/passportJwtStrategy")(passport);
 app.use("/", indexRouter);
 app.use("/ping", pingRouter);
 app.use("/conversations", conversationRouter);
-app.use("/invitations", invitationRouter);
+app.use("/invitations", passport.authenticate('jwt', { session: false}), invitationRouter);
 app.use("/user", userRouter);
 
 //connect to mongodb