diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 53f247e..9d45099 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -2,7 +2,6 @@
 
 class Api::BaseController < ApplicationController
   before_action :transform_json_params
-  before_action :authenticate_user!
 
   # Handle JSON parsing errors
   rescue_from JSON::ParserError, with: :handle_json_parse_error
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f62b909..5033bda 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class ApplicationController < ActionController::Base
+  before_action :authenticate_user!
+
   rescue_from CanCan::AccessDenied do |exception|
     if current_user.nil?
       redirect_to new_user_session_path
diff --git a/app/controllers/s3_browser_app_controller.rb b/app/controllers/ui_controller.rb
similarity index 69%
rename from app/controllers/s3_browser_app_controller.rb
rename to app/controllers/ui_controller.rb
index 971892d..10f50a2 100644
--- a/app/controllers/s3_browser_app_controller.rb
+++ b/app/controllers/ui_controller.rb
@@ -1,11 +1,10 @@
 # frozen_string_literal: true
 
-class S3BrowserAppController < ApplicationController
+class UiController < ApplicationController
   layout 's3_browser'
-  before_action :authenticate_user!
   before_action :authorize_s3_browser_access!
 
-  def index; end
+  def home; end
 
   private
 
diff --git a/app/models/ability.rb b/app/models/ability.rb
index b6c6bf7..1985722 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -40,7 +40,7 @@ def initialize(user)
     #
     return if user.blank?
 
-    can ACCESS_S3_BROWSER_UI, S3BrowserAppController
+    can ACCESS_S3_BROWSER_UI, UiController
 
     # We can add more Api Controllers and restrict access based on the current user
     # Right now, any authenticated user can access any API
diff --git a/app/s3browser/src/components/ui/notifications/notifications.tsx b/app/s3browser/src/components/ui/notifications/notifications.tsx
index 020061e..3313429 100644
--- a/app/s3browser/src/components/ui/notifications/notifications.tsx
+++ b/app/s3browser/src/components/ui/notifications/notifications.tsx
@@ -6,7 +6,7 @@ export const Notifications = () => {
   const { notifications, dismissNotification } = useNotifications();
 
   return (
-    <ToastContainer position="top-end" className="p-3">
+    <ToastContainer className="p-3 top-15 end-0">
       {notifications.map((notification) => (
         <Notification
           key={notification.id}
diff --git a/app/views/layouts/s3_browser.html.erb b/app/views/layouts/s3_browser.html.erb
index 1064445..1a87af5 100644
--- a/app/views/layouts/s3_browser.html.erb
+++ b/app/views/layouts/s3_browser.html.erb
@@ -17,8 +17,19 @@
 
     <%= yield :head %>
   </head>
-
-    <body id="main-content">
-      <%= yield %>
-    </body>
+  <body id="main-content">
+    <nav class="d-flex py-2 px-5 bg-primary bg-opacity-25 justify-content-end">
+      <% if user_signed_in? %>
+        <% # The sign out route uses a DELETE method to prevent CSRF attacks. %>
+        <p>
+          <%= form_with(url: destroy_user_session_path, method: "delete") do |form| %>
+            <%= form.submit "Sign out", class: "btn btn-light btn-sm" %>
+          <% end %>
+        </p>
+      <% else %>
+        <p><%= link_to 'Sign in', user_session_path %></p>
+      <% end %>
+    </nav>
+    <%= yield %>
+  </body>
 </html>
diff --git a/app/views/s3_browser_app/index.html.erb b/app/views/ui/home.html.erb
similarity index 100%
rename from app/views/s3_browser_app/index.html.erb
rename to app/views/ui/home.html.erb
diff --git a/config/routes.rb b/config/routes.rb
index c7c1dfe..c2d8c76 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -10,9 +10,6 @@
     get '/users/development/sign_in_developer', to: 'users/development#sign_in_developer' if Rails.env.development?
   end
 
-  get '/browse', to: 's3_browser_app#index'
-  get '/browse/*path', to: 's3_browser_app#index'
-
   # S3 Browser API routes
   namespace :api do
     get '/buckets', to: 's3_browser#index_buckets', format: 'json'
@@ -35,5 +32,8 @@
   get 'up' => 'rails/health#show', as: :rails_health_check
 
   # Defines the root path route ("/")
-  root 'pages#home'
+  root 'ui#home'
+
+  # All other routes should be handled by the react application
+  get '*path', to: 'ui#home'
 end
diff --git a/spec/requests/s3_browser_app_controller_spec.rb b/spec/requests/ui_controller_spec.rb
similarity index 89%
rename from spec/requests/s3_browser_app_controller_spec.rb
rename to spec/requests/ui_controller_spec.rb
index f0068ab..1650f97 100644
--- a/spec/requests/s3_browser_app_controller_spec.rb
+++ b/spec/requests/ui_controller_spec.rb
@@ -2,10 +2,10 @@
 
 require 'rails_helper'
 
-describe S3BrowserAppController, type: :request do
+describe UiController, type: :request do
   describe 'index' do
     before do
-      get '/browse'
+      get '/'
     end
 
     context 'as unauthenticated user' do
@@ -23,7 +23,7 @@
 
       before do
         sign_in user
-        get '/browse'
+        get '/'
       end
 
       it 'responds with OK status' do