diff --git a/build.zig b/build.zig
index 93f476b..4463528 100644
--- a/build.zig
+++ b/build.zig
@@ -43,6 +43,7 @@ pub fn build(b: *std.build.Builder) !void {
         .{ .name = "endpoint", .src = "examples/endpoint/main.zig" },
         .{ .name = "wrk", .src = "wrk/zig/main.zig" },
         .{ .name = "mustache", .src = "examples/mustache/mustache.zig" },
+        .{ .name = "endpoint_auth", .src = "examples/endpoint_auth/endpoint_auth.zig" },
     }) |excfg| {
         const ex_name = excfg.name;
         const ex_src = excfg.src;
diff --git a/doc/authentication.md b/doc/authentication.md
index a215b06..ac992ae 100644
--- a/doc/authentication.md
+++ b/doc/authentication.md
@@ -200,6 +200,7 @@ const HTTP_RESPONSE: []const u8 =
     \\ <html><body>
     \\   Hello from ZAP!!!
     \\ </body></html>
+;
 
 // authenticated requests go here
 fn endpoint_http_get(e: *zap.SimpleEndpoint, r: zap.SimpleRequest) void {
@@ -214,40 +215,55 @@ fn endpoint_http_unauthorized(e: *zap.SimpleEndpoint, r: zap.SimpleRequest) void
     r.sendBody("UNAUTHORIZED ACCESS") catch return;
 }
 
+pub fn main() !void {
+    // setup listener
+    var listener = zap.SimpleEndpointListener.init(
+        a,
+        .{
+            .port = 3000,
+            .on_request = null,
+            .log = true,
+            .max_clients = 10,
+            .max_body_size = 1 * 1024,
+        },
+    );
+    defer listener.deinit();
 
-// setup listener
-var listener = zap.SimpleEndpointListener.init(
-    a,
-    .{
-        .port = 3000,
-        .on_request = null,
-        .log = false,
-        .max_clients = 10,
-        .max_body_size = 1 * 1024,
-    },
-);
-defer listener.deinit();
+    // create mini endpoint
+    var ep = zap.SimpleEndpoint.init(.{
+        .path = "/test",
+        .get = endpoint_http_get,
+        .unauthorized = endpoint_http_unauthorized,
+    });
 
-// create mini endpoint
-var ep = zap.SimpleEndpoint.init(.{
-    .path = "/test",
-    .get = endpoint_http_get,
-    .unauthorized = endpoint_http_unauthorized,
-});
+    // create authenticator
+    const Authenticator = zap.BearerAuthSingle;
+    var authenticator = try Authenticator.init(a, token, null);
+    defer authenticator.deinit();
 
-// create authenticator
-const Authenticator = zap.BearerAuthSingle;
-var authenticator = try Authenticator.init(a, token, null);
-defer authenticator.deinit();
+    // create authenticating endpoint
+    const BearerAuthEndpoint = zap.AuthenticatingEndpoint(Authenticator);
+    var auth_ep = BearerAuthEndpoint.init(&ep, &authenticator);
 
-// create authenticating endpoint
-const BearerAuthEndpoint = zap.AuthenticatingEndpoint(Authenticator);
-var auth_ep = BearerAuthEndpoint.init(&ep, &authenticator);
+    try listener.addEndpoint(auth_ep.getEndpoint());
 
-try listener.addEndpoint(auth_ep.getEndpoint());
+    listener.listen() catch {};
+    std.debug.print(
+        \\ Run the following:
+        \\ 
+        \\ curl http://localhost:3000/test -i -H "Authorization: Bearer ABCDEFG" -v
+        \\ curl http://localhost:3000/test -i -H "Authorization: Bearer invalid" -v
+        \\
+        \\ and see what happens
+        \\
+    , .{});
 
-listener.listen() catch {};
-std.debug.print("Listening on 0.0.0.0:3000\n", .{});
+    // start worker threads
+    zap.start(.{
+        .threads = 1,
+        .workers = 1,
+    });
+}
 ```
 
 
diff --git a/examples/endpoint_auth/endpoint_auth.zig b/examples/endpoint_auth/endpoint_auth.zig
new file mode 100644
index 0000000..b6056c1
--- /dev/null
+++ b/examples/endpoint_auth/endpoint_auth.zig
@@ -0,0 +1,74 @@
+const std = @import("std");
+const zap = @import("zap");
+
+const a = std.heap.page_allocator;
+const token = "ABCDEFG";
+
+const HTTP_RESPONSE: []const u8 =
+    \\ <html><body>
+    \\   Hello from ZAP!!!
+    \\ </body></html>
+;
+
+// authenticated requests go here
+fn endpoint_http_get(e: *zap.SimpleEndpoint, r: zap.SimpleRequest) void {
+    _ = e;
+    r.sendBody(HTTP_RESPONSE) catch return;
+}
+
+// just for fun, we also catch the unauthorized callback
+fn endpoint_http_unauthorized(e: *zap.SimpleEndpoint, r: zap.SimpleRequest) void {
+    _ = e;
+    r.setStatus(.unauthorized);
+    r.sendBody("UNAUTHORIZED ACCESS") catch return;
+}
+
+pub fn main() !void {
+    // setup listener
+    var listener = zap.SimpleEndpointListener.init(
+        a,
+        .{
+            .port = 3000,
+            .on_request = null,
+            .log = true,
+            .max_clients = 10,
+            .max_body_size = 1 * 1024,
+        },
+    );
+    defer listener.deinit();
+
+    // create mini endpoint
+    var ep = zap.SimpleEndpoint.init(.{
+        .path = "/test",
+        .get = endpoint_http_get,
+        .unauthorized = endpoint_http_unauthorized,
+    });
+
+    // create authenticator
+    const Authenticator = zap.BearerAuthSingle;
+    var authenticator = try Authenticator.init(a, token, null);
+    defer authenticator.deinit();
+
+    // create authenticating endpoint
+    const BearerAuthEndpoint = zap.AuthenticatingEndpoint(Authenticator);
+    var auth_ep = BearerAuthEndpoint.init(&ep, &authenticator);
+
+    try listener.addEndpoint(auth_ep.getEndpoint());
+
+    listener.listen() catch {};
+    std.debug.print(
+        \\ Run the following:
+        \\ 
+        \\ curl http://localhost:3000/test -i -H "Authorization: Bearer ABCDEFG" -v
+        \\ curl http://localhost:3000/test -i -H "Authorization: Bearer invalid" -v
+        \\
+        \\ and see what happens
+        \\
+    , .{});
+
+    // start worker threads
+    zap.start(.{
+        .threads = 1,
+        .workers = 1,
+    });
+}