diff --git a/config.ini b/config.ini
index ebec123..93dc103 100644
--- a/config.ini
+++ b/config.ini
@@ -8,3 +8,8 @@ db_file = db.json
 # Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail
 # Remove or leave empty for no check
 name_file = namensliste.csv
+
+
+# Username and password for data retrieval
+admin_user = admin
+admin_pass = topSecret
diff --git a/ftracker/core.py b/ftracker/core.py
index c777805..cdeaa86 100644
--- a/ftracker/core.py
+++ b/ftracker/core.py
@@ -94,3 +94,18 @@ def post_departure():
 	)
 
 	return 'OK', 200
+
+
+@app.route('/data')
+def get_data():
+
+	if not 'Authorization' in request.headers:
+		return 'Error: No Authorization', 401, {'WWW-Authenticate': 'Basic'}
+
+	if request.authorization.username != config['admin_user']:
+		return "Wrong username", 403
+
+	if request.authorization.password != config['admin_pass']:
+		return "Wrong password", 403
+
+	return json.dumps(db.all(), indent=4), 200