diff --git a/slides/swarm/gui.md b/slides/swarm/gui.md
index 05796ba62..29fdb0764 100644
--- a/slides/swarm/gui.md
+++ b/slides/swarm/gui.md
@@ -49,3 +49,55 @@ What about web interfaces to control and manage Swarm?
   - Agent URL: `tasks.agent:9001`
 
 - Let's browse around the interface
+
+---
+
+## Portainer API - Advanced privileges
+
+- setup a non administrative user
+
+- deploy an app template via portainer with only administrator rights
+
+- deploy an app template via portainer with rights for the created user
+
+- do `http POST :9000/api/auth Username="$USER" Password="$PASSWORD"`
+
+- now try to query the deployed stacks `http GET :9000/api/stacks "Authorization: Bearer $TOKEN"`
+  you will only see the stack with the user rights
+
+- you could prevent access for stacks like monitoring, log-forwarding and the portainer agent
+
+---
+
+## Single GUI/API for multiple swarms
+
+- setup 2 swarms instead of one swarm with 3 nodes
+
+- install the portainer agent on both swarms
+
+```
+docker service create \
+    --name portainer_agent \
+    --network portainer_agent_network \
+    --publish mode=host,target=9001,published=9001 \
+    -e AGENT_CLUSTER_ADDR=tasks.portainer_agent \
+    --mode global \
+    --mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock \
+    --mount type=bind,src=//var/lib/docker/volumes,dst=/var/lib/docker/volumes \
+    portainer/agent
+```
+
+- now go to portainer and add both agents as endpoint
+
+- now you can deploy stacks via one api on multiple docker swarms
+
+- deploy a stack on swarm2
+
+```
+http POST ':9000/api/stacks?method=repository&type=1&endpointId=2' \
+  "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MiwidXNlcm5hbWUiOiJ1c2VyMSIsInJvbGUiOjIsImV4cCI6MTU0MTQ5MDg4OH0.9hVYxfSfdNAnQDRfEsH9-EcQkI9aL3beEmxJz8_6uOI" \
+  Name="Voting" \
+  RepositoryURL="https://github.com/BretFisher/example-voting-app" \
+  ComposeFilePathInRepository="docker-stack.yml" \
+  SwarmID="$SWARMID"
+```
\ No newline at end of file