diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 6e242b26..2772d0d3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,5 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
 
-  include GDS::SSO::ControllerMethods
-  before_action :authenticate_user!
+  include Authentication
 end
diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb
new file mode 100644
index 00000000..584ce457
--- /dev/null
+++ b/app/controllers/concerns/authentication.rb
@@ -0,0 +1,10 @@
+# Requires a user to be logged in through GDS SSO for any action.
+module Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    include GDS::SSO::ControllerMethods
+
+    before_action :authenticate_user!
+  end
+end