diff --git a/projects/nshmp-apps/src/app/internal/shared/services/auth.service.ts b/projects/nshmp-apps/src/app/internal/shared/services/auth.service.ts
new file mode 100644
index 0000000000000000000000000000000000000000..b18c00d3e321ace8a40f57b3306d123ba28a4a7e
--- /dev/null
+++ b/projects/nshmp-apps/src/app/internal/shared/services/auth.service.ts
@@ -0,0 +1,49 @@
+import {HttpClient} from '@angular/common/http';
+import {Injectable} from '@angular/core';
+import {NshmpService, SpinnerService} from '@ghsc/nshmp-lib-ng/nshmp';
+import {environment} from 'projects/nshmp-apps/src/environments/environment';
+import {catchError, map} from 'rxjs';
+
+interface AuthResponse {
+  isAuthorized: boolean;
+}
+
+/**
+ * Authorizer for USGS network.
+ */
+@Injectable({
+  providedIn: 'root',
+})
+export class AuthService {
+  private service = environment.webServices.aws;
+  private url = `${this.service.url}${this.service.services.auth}`;
+
+  constructor(
+    private http: HttpClient,
+    private spinnerService: SpinnerService,
+    private nshmpService: NshmpService
+  ) {}
+
+  isAuthorized() {
+    const ref = this.spinnerService.show('Checking USGS network ...');
+
+    return this.http.get<AuthResponse>(this.url).pipe(
+      map(response => {
+        console.log(response);
+        ref.close();
+
+        if (!response.isAuthorized) {
+          this.nshmpService.throwError$(
+            new Error('Must be on USGS network to access internal applications')
+          );
+        }
+
+        return response.isAuthorized;
+      }),
+      catchError((error: Error) => {
+        ref.close();
+        return this.nshmpService.throwError$(error);
+      })
+    );
+  }
+}