diff --git a/.envrctemplate b/.envrctemplate
index dd54878..76756c7 100644
--- a/.envrctemplate
+++ b/.envrctemplate
@@ -8,4 +8,5 @@ export POSTGRES_PASSWORD=
 export POSTGRES_HOST=
 export POSTGRES_PORT=
 export VENDOR_API_KEY=
-export VENDOR_BEARER_TOKEN=
\ No newline at end of file
+export VENDOR_BEARER_TOKEN=
+export REPORT_KEY=
\ No newline at end of file
diff --git a/src/cdn_parser/urls.py b/src/cdn_parser/urls.py
deleted file mode 100644
index ea7f571..0000000
--- a/src/cdn_parser/urls.py
+++ /dev/null
@@ -1,6 +0,0 @@
-from django.urls import path 
-from cdn_parser.views import PopulateModels
-
-urlpatterns = [
-    path("populate/", PopulateModels.as_view(), name="populate")
-]
\ No newline at end of file
diff --git a/src/cdn_parser/views.py b/src/cdn_parser/views.py
index 9e4815e..91ea44a 100644
--- a/src/cdn_parser/views.py
+++ b/src/cdn_parser/views.py
@@ -1,12 +1,3 @@
 from django.shortcuts import render
-from django.http import JsonResponse
-from rest_framework import generics
-
-from eatery.util.json import FieldType, error_json, success_json, verify_json_fields
-from cdn_parser.controllers.populate_models import CornellDiningNowController
-
-class PopulateModels(generics.GenericAPIView):
-    def get(self, request):
-        CornellDiningNowController().process()
-        return JsonResponse(success_json("Populated all models"))
 
+# Create your views here.
diff --git a/src/eatery_blue_backend/urls.py b/src/eatery_blue_backend/urls.py
index c9ae339..3dee7a6 100644
--- a/src/eatery_blue_backend/urls.py
+++ b/src/eatery_blue_backend/urls.py
@@ -19,7 +19,6 @@
 urlpatterns = [
     path("admin/", admin.site.urls),
     path("eatery/", include("eatery.urls")),
-    path("cdn/", include("cdn_parser.urls")),
     path("report/", include("report.urls")),
     path("alert/", include("alert.urls")),
     path("person/", include("person.urls")),
diff --git a/src/report/permissions.py b/src/report/permissions.py
index f38c0f4..47a59f3 100644
--- a/src/report/permissions.py
+++ b/src/report/permissions.py
@@ -3,7 +3,7 @@
 class ReportPermission(permissions.BasePermission):
 
     def has_permission(self, request, view):
-        if view.action in ['create']:
+        if view.action in ['create', 'custom_retrieve']:
             return True
         return request.user.is_staff
                                                                                                 
diff --git a/src/report/views.py b/src/report/views.py
index b5e9c1f..b638a40 100644
--- a/src/report/views.py
+++ b/src/report/views.py
@@ -2,8 +2,21 @@
 from report.models import Report
 from report.serializers import ReportSerializer
 from .permissions import ReportPermission
+from rest_framework.decorators import action
+from rest_framework.response import Response
+import os
 
 class ReportViewSet(viewsets.ModelViewSet):
     queryset = Report.objects.all()
     serializer_class = ReportSerializer
-    permission_classes = [ReportPermission]
\ No newline at end of file
+    permission_classes = [ReportPermission]
+
+    @action(url_path='custom_retrieve',detail=False, methods=['GET'])
+    def custom_retrieve(self, request, pk=None):
+        if 'key' not in request.headers:
+            return Response({"error": "no key"}, status=401)
+        if request.headers['key'] != os.environ.get('REPORT_KEY'):
+            return Response({"error": "invalid key"}, status=401)
+        report = Report.objects.all()
+        serializer = ReportSerializer(report, many=True)
+        return Response(serializer.data, status=200)
\ No newline at end of file