In this blog post I described a technique I use to secure my authentication information on the client in a read only manner. This can be used to perform authentication logic on the client and prevent unnecessary requests to the backend. Even while this is the case, it is necessary to authenticate the backend endpoints to prevent data leakage. If you have any questions, comments, or can think of a way to solve this in the isomorphic environment, please leave a comment.