Occasional agents would have to login to the instance before accessing the API. If the user tries to access the system without logging in it would throw a message asking them to login to the system.