A protected API wouldn't be much good if you couldn't make requests to it from your Angular app. You can get access to protected API resources by sending the user's access token as an Authorization header in requests. Let's take a look at how to do that manually and also with some help from a library called angular2-jwt.