diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
new file mode 100644
index 0000000..6cad70e
--- /dev/null
+++ b/app/controllers/admin_controller.rb
@@ -0,0 +1,14 @@
+class AdminController < ApplicationController
+  layout "admin"
+
+  before_action :authenticate_user_as_admin
+
+  def index
+  end
+
+  private
+
+    def authenticate_user_as_admin
+      head :forbidden unless Current.user&.admin?
+    end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index faa1473..ae34bf5 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,7 +4,6 @@ class ApplicationController < ActionController::Base
   private
 
     def authenticate
-      Rails.logger.error "Session: #{session.inspect}"
       if authenticated_user = User.find_by(id: session[:user_id])
         Current.user = authenticated_user
       else
diff --git a/app/views/admin/index.html.erb b/app/views/admin/index.html.erb
new file mode 100644
index 0000000..6547a62
--- /dev/null
+++ b/app/views/admin/index.html.erb
@@ -0,0 +1 @@
+<%= t(".intro") %>
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb
new file mode 100644
index 0000000..2f4221c
--- /dev/null
+++ b/app/views/layouts/admin.html.erb
@@ -0,0 +1,9 @@
+<% content_for :submenu do %>
+  <h2><%= t("administration") %>: <%= content_for :title %></h2>
+  <nav>
+    <ul>
+    </ul>
+  </nav>
+<% end %>
+
+<%= render template: "layouts/application" %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index fccf529..9e66d07 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -19,6 +19,9 @@
         <ul>
           <% if logged_in? %>
             <li><%= link_to t("log_out"), logout_path, data: {turbo_method: :delete} %></li>
+            <% if Current.user.admin? %>
+              <li><%= link_to t("administration"), admin_index_path %></li>
+            <% end %>
           <% else %>
             <li><%= link_to t("log_in"), login_path %></li>
             <li><%= link_to t("sign_up"), new_user_path %></li>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index a587c3e..69e293e 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -1,5 +1,6 @@
 en:
   site_name: Tabletop Companion
+  administration: Administration
   log_in: Log in
   log_out: Log out
   sign_up: Sign up
@@ -15,6 +16,9 @@ en:
     show:
       success: "Thanks for verifying your email address! You can now log in."
       error: "Invalid token, could not verify your account."
+  admin:
+    index:
+      intro: With great power comes great responsibility
   sessions:
     create:
       success: "Hello, %{name}!"
diff --git a/config/routes.rb b/config/routes.rb
index a77c26a..dad18fd 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -12,5 +12,7 @@ Rails.application.routes.draw do
 
   resources :tables, only: [ :index ]
 
+  resources :admin, only: [ :index ]
+
   get "up" => "rails/health#show", as: :rails_health_check
 end
diff --git a/test/controllers/admin_controller_test.rb b/test/controllers/admin_controller_test.rb
new file mode 100644
index 0000000..04e8ce1
--- /dev/null
+++ b/test/controllers/admin_controller_test.rb
@@ -0,0 +1,20 @@
+require "test_helper"
+
+class AdminControllerTest < ActionDispatch::IntegrationTest
+  test "should get index if signed in as admin" do
+    sign_in users(:admin)
+    get admin_index_url
+    assert_response :success
+  end
+
+  test "should not get index if signed in as non-admin user" do
+    sign_in users(:trevor)
+    get admin_index_url
+    assert_response :forbidden
+  end
+
+  test "should not get index if not signed in" do
+    get admin_index_url
+    assert_redirected_to login_path
+  end
+end
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
index 23b42fc..355a319 100644
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -16,6 +16,12 @@ unverified:
   last_name: User
   verified: false
 
+admin:
+  <<: *DEFAULTS
+  first_name: Admin
+  last_name: User
+  site_roles: admin
+
 <% 1.upto(10) do |i| %>
 user_<%= i %>:
   <<: *DEFAULTS
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 78276a1..9f81546 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -21,5 +21,9 @@ module ActiveSupport
     def attr_name(klass, attr)
       klass.human_attribute_name(attr)
     end
+
+    def sign_in(user, password: "password")
+      post sessions_path, params: { username: user.username, password: password }
+    end
   end
 end
