diff --git a/atst/domain/auth.py b/atst/domain/auth.py
index 4dcb7e22..ee3ff973 100644
--- a/atst/domain/auth.py
+++ b/atst/domain/auth.py
@@ -3,7 +3,7 @@ from flask import g, redirect, url_for, session, request
 from atst.domain.users import Users
 
 
-UNPROTECTED_ROUTES = ["atst.root", "atst.login_dev", "atst.login_redirect", "atst.unauthorized"]
+UNPROTECTED_ROUTES = ["atst.root", "atst.login_dev", "atst.login_redirect", "atst.unauthorized", "static"]
 
 def apply_authentication(app):
     @app.before_request