diff --git a/app/capabilities.js b/app/capabilities.js
index 9d534efb..aa5cb60a 100644
--- a/app/capabilities.js
+++ b/app/capabilities.js
@@ -1,3 +1,4 @@
+/* global AUTH_CONFIG */
 import { browserName } from './utils';
 
 async function checkCrypto() {
@@ -64,9 +65,9 @@ export default async function capabilities() {
   const crypto = await checkCrypto();
   const nativeStreams = checkStreams();
   const polyStreams = nativeStreams ? false : polyfillStreams();
-  let account = false;
+  let account = typeof AUTH_CONFIG !== 'undefined';
   try {
-    account = !!localStorage;
+    account = account && !!localStorage;
   } catch (e) {
     // nevermind
   }
diff --git a/server/config.js b/server/config.js
index 0099e4ce..314dd2b7 100644
--- a/server/config.js
+++ b/server/config.js
@@ -132,7 +132,7 @@ const conf = convict({
   },
   fxa_client_id: {
     format: String,
-    default: 'b50ec33d3c9beb6d', // localhost
+    default: '', // disabled
     env: 'FXA_CLIENT_ID'
   }
 });
diff --git a/server/routes/jsconfig.js b/server/routes/jsconfig.js
index da03c55d..52c58fe0 100644
--- a/server/routes/jsconfig.js
+++ b/server/routes/jsconfig.js
@@ -29,8 +29,12 @@ if (config.analytics_id) {
 }
 
 module.exports = async function(req, res) {
-  const fxaConfig = await getFxaConfig();
-  fxaConfig.client_id = config.fxa_client_id;
+  let authConfig = '';
+  if (config.fxa_client_id) {
+    const fxaConfig = await getFxaConfig();
+    fxaConfig.client_id = config.fxa_client_id;
+    authConfig = `var AUTH_CONFIG = ${JSON.stringify(fxaConfig)};`;
+  }
   /* eslint-disable no-useless-escape */
   const jsconfig = `
   var isIE = /trident\\\/7\.|msie/i.test(navigator.userAgent);
@@ -53,7 +57,7 @@ module.exports = async function(req, res) {
   var DEFAULTS = {
     EXPIRE_SECONDS: ${config.default_expire_seconds}
   };
-  var AUTH_CONFIG = ${JSON.stringify(fxaConfig)};
+  ${authConfig};
   ${ga}
   ${sentry}
   `;