diff --git a/app/doorboy-proxy.py b/app/doorboy-proxy.py
index b33ffe2..d438c49 100755
--- a/app/doorboy-proxy.py
+++ b/app/doorboy-proxy.py
@@ -10,13 +10,16 @@ import os
 app = Sanic(__name__)
 monitor(app).expose_endpoint()
-DOORBOY_SECRET = os.environ["DOORBOY_SECRET"]
+DOORBOY_SECRET_FLOOR = os.environ["DOORBOY_SECRET_FLOOR"]
+DOORBOY_SECRET_WORKSHOP = os.environ["DOORBOY_SECRET_WORKSHOP"]
 CARD_URI = os.environ["CARD_URI"]
-CARD_KUBE_GROUP = os.environ["CARD_KUBE_GROUP"]
+FLOOR_ACCESS_GROUP = os.environ["FLOOR_ACCESS_GROUP"]
+WORKSHOP_ACCESS_GROUP = os.environ["WORKSHOP_ACCESS_GROUP"]
 MONGO_URI = os.getenv("MONGO_URI", "mongodb://127.0.0.1:27017/default?replicaSet=rs0")
-assert len(DOORBOY_SECRET) >= 10
+assert len(DOORBOY_SECRET_FLOOR) >= 10
+assert len(DOORBOY_SECRET_WORKSHOP) >= 10
 @app.listener("before_server_start")
@@ -27,13 +30,20 @@ async def setup_db(app, loop):
 @app.route("/allowed")
 async def view_doorboy_uids(request):
- if request.headers.get("KEY") != DOORBOY_SECRET:
+ key = request.headers.get("KEY")
+ if key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]:
 return text("how about no")
+ if key == DOORBOY_SECRET_FLOOR:
+ group = FLOOR_ACCESS_GROUP
+ elif key == DOORBOY_SECRET_WORKSHOP:
+ group = WORKSHOP_ACCESS_GROUP
+ if not group:
+ return "fail", 500
 async with httpx.AsyncClient() as client:
- r = await client.get(CARD_URI, params={
- "group": CARD_KUBE_GROUP
- })
+ r = await client.post(CARD_URI, json={
+ "groups": [group]
+ }, headers={"Content-Type": "application/json"})
 j = r.json()
 allowed_uids = []
 for obj in j:
diff --git a/docker-compose.yml b/docker-compose.yml
index fdef453..328d715 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
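Review bot: Nothing at startup checks that `DOORBOY_SECRET_FLOOR` and `DOORBOY_SECRET_WORKSHOP` differ, yet the handler in the next hunk uses the presented key to choose the access group, so identical values would silently serve the floor group to the workshop door. A guard such as `if DOORBOY_SECRET_FLOOR == DOORBOY_SECRET_WORKSHOP: raise RuntimeError("door secrets must differ")` closes that gap. The two length checks are `assert` statements, which are removed when Python runs with `-O`; an explicit `if len(DOORBOY_SECRET_FLOOR) < 10 or len(DOORBOY_SECRET_WORKSHOP) < 10: raise RuntimeError("door secrets must be at least 10 characters")` stays in force. The empty-group test that the handler performs on every request could also be done once here, next to these checks.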
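Review bot: `return "fail", 500` in the new `if not group:` branch is a Flask-style tuple, while the rest of this handler returns Sanic response objects via `text(...)`, so an empty access group would most likely fail inside the framework instead of sending the intended reply. The key check `key not in [DOORBOY_SECRET_FLOOR, DOORBOY_SECRET_WORKSHOP]` and the `==` tests after it are ordinary string comparisons, not constant-time ones; the excerpt below folds both into one `hmac.compare_digest` chain, which also removes the redundant membership test. It needs `import hmac` at the top of the file, which is outside this hunk, and it keeps the existing reply for a rejected key. The body of view_doorboy_uids continues past the end of the hunk.

```python
async def view_doorboy_uids(request):
    # Compare as bytes so a missing or non-ASCII header is rejected, not raised on.
    key = (request.headers.get("KEY") or "").encode()
    if hmac.compare_digest(key, DOORBOY_SECRET_FLOOR.encode()):
        group = FLOOR_ACCESS_GROUP
    elif hmac.compare_digest(key, DOORBOY_SECRET_WORKSHOP.encode()):
        group = WORKSHOP_ACCESS_GROUP
    else:
        return text("how about no")
    if not group:
        return text("fail", status=500)

    # … unchanged: httpx POST to CARD_URI and the loop over the response …
```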
@@ -24,8 +24,10 @@ services:
 doorboy_proxy:
 network_mode: host
 environment:
- DOORBOY_SECRET: "0123456789"
- CARD_KUBE_GROUP: "codemowers:admins"
+ DOORBOY_SECRET_FLOOR: "0123456789"
+ DOORBOY_SECRET_WORKSHOP: "9999999999"
+ FLOOR_ACCESS_GROUP: "k-space:floor"
+ WORKSHOP_ACCESS_GROUP: "k-space:workshop"
 CARD_URI: "https://inventory-app-72zn4.codemowers.ee/cards"
 build:
 context: .
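Review bot: The two door secrets are committed as literal values (`"0123456789"` and `"9999999999"`) that satisfy the proxy's length check, so a deployment started from this file unchanged would run with publicly known keys. Reading them from the environment and failing when unset, for example `DOORBOY_SECRET_FLOOR: "${DOORBOY_SECRET_FLOOR:?set a door secret}"`, keeps the example usable without shipping a working credential. The same applies to `DOORBOY_SECRET_WORKSHOP`.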