diff --git a/dci/api/v1/teams.py b/dci/api/v1/teams.py
index 03236e0c1..ae5e3f0fd 100644
--- a/dci/api/v1/teams.py
+++ b/dci/api/v1/teams.py
@@ -126,6 +126,19 @@ def get_remotecis_by_team(user, team_id):
     return remotecis.get_all_remotecis(team.id)
 
 
+@api.route("/teams/<uuid:team_id>/products", methods=["GET"])
+@decorators.login_required
+def get_products_team_has_access_to(user, team_id):
+    if user.is_not_epm() and user.is_not_in_team(team_id):
+        raise dci_exc.Unauthorized()
+    team = base.get_resource_orm(models2.Team, team_id)
+    team_products = [p.serialize() for p in team.products]
+
+    return flask.jsonify(
+        {"products": team_products, "_meta": {"count": len(team_products)}}
+    )
+
+
 @api.route("/teams/<uuid:t_id>", methods=["PUT"])
 @decorators.login_required
 def put_team(user, t_id):
diff --git a/tests/api/v1/test_teams.py b/tests/api/v1/test_teams.py
index 50336f5c7..753b8ecb2 100644
--- a/tests/api/v1/test_teams.py
+++ b/tests/api/v1/test_teams.py
@@ -444,3 +444,15 @@ def test_create_and_update_team_with_has_pre_release_access_flag(admin, epm):
 
     team_updated = update_team_request.data["team"]
     assert team_updated["has_pre_release_access"]
+
+
+def test_get_products_team_has_access_to(admin, team_user_id, team_user_id2):
+    products_team_user_request = admin.get("/api/v1/teams/%s/products" % team_user_id)
+    assert products_team_user_request.status_code == 200
+    products = products_team_user_request.data["products"]
+    assert sorted([p["name"] for p in products]) == ["OpenStack", "RHEL"]
+
+    products_team_user2_request = admin.get("/api/v1/teams/%s/products" % team_user_id2)
+    assert products_team_user2_request.status_code == 200
+    products = products_team_user2_request.data["products"]
+    assert sorted([p["name"] for p in products]) == ["RHEL"]