diff --git a/Dockerfile b/Dockerfile
index 0b55404..24fd9fc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,5 @@
 FROM harbor.k-space.ee/k-space/microservice-base
+RUN pip3 install httpx
 WORKDIR /app
 COPY app /app
 CMD /app/doorboy-proxy.py
diff --git a/app/doorboy-proxy.py b/app/doorboy-proxy.py
index 4b8e23d..1e803f0 100755
--- a/app/doorboy-proxy.py
+++ b/app/doorboy-proxy.py
@@ -3,6 +3,7 @@ from sanic import Sanic
 from sanic.response import text, json
 from sanic_prometheus import monitor
 from motor.motor_asyncio import AsyncIOMotorClient
+import httpx
 import pymongo
 import os
 
@@ -10,6 +11,7 @@ app = Sanic(__name__)
 monitor(app).expose_endpoint()
 
 DOORBOY_SECRET = os.environ["DOORBOY_SECRET"]
+CARD_KUBE_GROUP = os.environ["CARD_KUBE_GROUP"]
 MONGO_URI = os.getenv("MONGO_URI",
                       "mongodb://127.0.0.1:27017/default?replicaSet=rs0")
 
@@ -22,29 +24,21 @@ async def setup_db(app, loop):
     # https://github.com/sanic-org/sanic/issues/919
     app.ctx.db = AsyncIOMotorClient(MONGO_URI).get_default_database()
 
-
 @app.route("/allowed")
 async def view_doorboy_uids(request):
     if request.headers.get("KEY") != DOORBOY_SECRET:
         return text("how about no")
-    allowed_names = []
-    async for obj in app.ctx.db.member.find({"enabled": True}):
-        allowed_names.append(obj["_id"])
+
+    async with httpx.AsyncClient() as client:
+        r = await client.get("https://inventory-app-72zn4.codemowers.ee/cards", params={
+            "group": CARD_KUBE_GROUP
+        })
+    j = r.json()
     allowed_uids = []
-    flt = {
-        "token.uid_hash": {"$exists": True},
-        "inventory.owner": {"$exists": True},
-        "token.enabled": {"$exists": True}
-    }
-    prj = {
-        "inventory.owner": True,
-        "token.uid_hash": True
-    }
-    async for obj in app.ctx.db.inventory.find(flt, prj):
-        if obj["inventory"].pop("owner").get("foreign_id") in allowed_names:
-            del obj["_id"]
-            del obj["inventory"]
-            allowed_uids.append(obj)
+    for obj in j:
+        allowed_uids.append({
+            "token": obj["token"]
+        })
     return json({"allowed_uids": allowed_uids})
 
 
diff --git a/docker-compose.yml b/docker-compose.yml
index bd933a4..9dda351 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -24,6 +24,7 @@ services:
   doorboy_proxy:
     network_mode: host
     environment:
-      DOORBOY_SECRET: 0123456789
+      DOORBOY_SECRET: "0123456789"
+      CARD_KUBE_GROUP: "codemowers:admins"
     build:
       context: .