diff --git a/src/proxyauth.js b/src/proxyauth.js
index fff273eb8..442246e6e 100644
--- a/src/proxyauth.js
+++ b/src/proxyauth.js
@@ -7,7 +7,8 @@ exports = module.exports = {
     stop
 };
 
-const assert = require('assert'),
+const apps = require('./apps.js'),
+    assert = require('assert'),
     constants = require('./constants.js'),
     debug = require('debug')('box:proxyAuth'),
     express = require('express'),
@@ -20,6 +21,7 @@ const assert = require('assert'),
     middleware = require('./middleware'),
     path = require('path'),
     paths = require('./paths.js'),
+    safe = require('safetydance'),
     users = require('./users.js');
 
 let gHttpServer = null;
@@ -44,8 +46,21 @@ function jwtVerify(req, res, next) {
     });
 }
 
-function loginPage(req, res) {
-    return res.sendFile(path.join(paths.DASHBOARD_DIR, 'proxyauth-login.html'));
+function loginPage(req, res, next) {
+    const appId = req.headers['x-app-id'] || '';
+    if (!appId) return next(new HttpError(503, 'Nginx misconfiguration'));
+
+    apps.get(appId, function (error, app) {
+        if (error) return next(new HttpError(503, error.message));
+
+        const title = app.label || app.manifest.title;
+
+        apps.getIconPath(app, {}, function (error, iconPath) {
+            const icon = safe.fs.readFileSync(iconPath || '', 'base64');
+
+            return res.render(path.join(paths.DASHBOARD_DIR, 'templates/proxyauth-login.ejs'), { title, icon });
+        });
+    });
 }
 
 // called by nginx to authorize any protected route
@@ -119,6 +134,8 @@ function initializeAuthwallExpressSync() {
     var router = new express.Router();
     router.del = router.delete; // amend router.del for readability further on
 
+    app.set('view engine', 'ejs');
+
     app
         .use(middleware.timeout(REQUEST_TIMEOUT))
         .use(middleware.cookieParser())