diff --git a/ApiClient.js b/ApiClient.js
index 4081c31e2..e7025c890 100644
--- a/ApiClient.js
+++ b/ApiClient.js
@@ -13,6 +13,8 @@ var ApiClient = {
 
     serverPortNumber: 8096,
 
+    currentUserId: null,
+
     /**
      * Detects the hostname and port of MB server based on the current url
      */
@@ -36,14 +38,12 @@ var ApiClient = {
             throw new Error("Url name cannot be empty");
         }
 
-        params = params || {};
-
         var url = ApiClient.serverProtocol + "//" + ApiClient.serverHostName + ":" + ApiClient.serverPortNumber + "/mediabrowser/" + name;
 
         if (params) {
             url += "?" + $.param(params);
-
         }
+
         return url;
     },
 
@@ -76,6 +76,10 @@ var ApiClient = {
 
         return "Web Browser";
     },
+    
+    getDeviceId: function() {
+        return SHA1(navigator.userAgent + (navigator.cpuClass || ""));
+    },
 
     /**
      * Creates a custom api url based on a handler name and query string parameters
@@ -89,16 +93,14 @@ var ApiClient = {
         }
 
         params = params || {};
-        params.client = "Dashboard";
-        params.device = ApiClient.getDeviceName();
         params.format = "json";
 
         var url = ApiClient.serverProtocol + "//" + ApiClient.serverHostName + ":" + ApiClient.serverPortNumber + "/mediabrowser/" + name;
 
         if (params) {
             url += "?" + $.param(params);
-
         }
+
         return url;
     },
 
@@ -1063,7 +1065,7 @@ var ApiClient = {
         var postData = {
             password: SHA1(password || "")
         };
-        
+
         return $.ajax({
             type: "POST",
             url: url,
@@ -1380,3 +1382,12 @@ var ApiClient = {
 
 // Do this initially. The consumer can always override later
 ApiClient.inferServerFromUrl();
+
+$(document).ajaxSend(function (event, jqXHR) {
+
+    if (ApiClient.currentUserId) {
+
+        var auth = 'MediaBrowser UserId="' + ApiClient.currentUserId + '", Client="Dashboard", Device="' + ApiClient.getDeviceName() + '", DeviceId="' + ApiClient.getDeviceName() + '"';
+        jqXHR.setRequestHeader("Authorization", auth);
+    }
+});
\ No newline at end of file
diff --git a/Html/scripts/site.js b/Html/scripts/site.js
index c3c842e7c..47f0c8508 100644
--- a/Html/scripts/site.js
+++ b/Html/scripts/site.js
@@ -81,12 +81,14 @@ var Dashboard = {
 
     setCurrentUser: function (userId) {
         localStorage.setItem("userId", userId);
+        ApiClient.currentUserId = userId;
         Dashboard.getUserPromise = null;
     },
 
     logout: function () {
         localStorage.removeItem("userId");
         Dashboard.getUserPromise = null;
+        ApiClient.currentUserId = null;
         window.location = "login.html";
     },
 
@@ -1113,6 +1115,13 @@ var Dashboard = {
                     tag: item.PrimaryImageTag,
                     type: "Primary"
                 });
+                
+                if (!item.Id || data.icon.indexOf("undefined") != -1) {
+                    alert("bad image url: " + JSON.stringify(item));
+                    console.log("bad image url: " + JSON.stringify(item));
+
+                    continue;
+                }
             }
 
             WebNotifications.show(data);
@@ -1200,9 +1209,11 @@ $(document).on('pagebeforeshow', ".page", function () {
 }).on('pageinit', ".page", function () {
 
     var page = $(this);
-    var hasLogin = Dashboard.getCurrentUserId();
+    
+    var userId = Dashboard.getCurrentUserId();
+    ApiClient.currentUserId = userId;
 
-    if (!hasLogin) {
+    if (!userId) {
 
         if (this.id !== "loginPage" && !page.hasClass('wizardPage')) {