diff --git a/app/controllers/api/v1/base_controller.rb b/app/controllers/api/v1/base_controller.rb
index c1d58ff6..517fa28f 100644
--- a/app/controllers/api/v1/base_controller.rb
+++ b/app/controllers/api/v1/base_controller.rb
@@ -4,7 +4,11 @@ module Api
   module V1
     # API
     class BaseController < ActionController::Base
+      http_basic_authenticate_with name: ENV['HTTP_BASIC_USER'],
+                                   password: ENV['HTTP_BASIC_PASSWORD']
+
       protect_from_forgery with: :null_session
+      respond_to :json
     end
   end
 end
diff --git a/app/controllers/api/v1/sites_controller.rb b/app/controllers/api/v1/sites_controller.rb
index 8e79c880..8bea164e 100644
--- a/app/controllers/api/v1/sites_controller.rb
+++ b/app/controllers/api/v1/sites_controller.rb
@@ -4,6 +4,10 @@ module Api
   module V1
     # API para sitios
     class SitesController < BaseController
+      def index
+        render json: Site.all.order(:name).pluck(:name)
+      end
+
       # Detecta si se puede generar un certificado
       def allowed
         name = params[:domain].gsub(/\.#{Site.domain}\Z/, '')
diff --git a/config/initializers/hosts.rb b/config/initializers/hosts.rb
new file mode 100644
index 00000000..1cfc9efd
--- /dev/null
+++ b/config/initializers/hosts.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+Rails.application.configure do
+  next if ENV['RAILS_ENV'] == 'test'
+
+  domain = ENV.fetch('SUTTY', 'sutty.nl')
+
+  config.hosts << domain
+  config.hosts << "edit.#{domain}"
+  config.hosts << "api.#{domain}"
+end
diff --git a/config/routes.rb b/config/routes.rb
index 137ef940..87c3b61f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -15,6 +15,7 @@ Rails.application.routes.draw do
     scope module: 'api' do
       namespace :v1 do
         get 'sites/allowed', to: 'sites#allowed'
+        resources :sites, only: %i[index]
       end
     end
   end
diff --git a/test/controllers/api/v1/sites_controller_test.rb b/test/controllers/api/v1/sites_controller_test.rb
index b55273c0..044ab451 100644
--- a/test/controllers/api/v1/sites_controller_test.rb
+++ b/test/controllers/api/v1/sites_controller_test.rb
@@ -12,7 +12,8 @@ module Api
 
         @authorization = {
           Authorization: ActionController::HttpAuthentication::Basic
-                         .encode_credentials(@usuarie.email, @usuarie.password)
+                         .encode_credentials(ENV['HTTP_BASIC_USER'],
+                                             ENV['HTTP_BASIC_PASSWORD'])
         }
       end
 
@@ -21,12 +22,19 @@ module Api
       end
 
       test 'se puede generar un certificado' do
-        get v1_sites_allowed_url, params: { domain: @site.name }
+        get v1_sites_allowed_url, headers: @authorization,
+                                  params: { domain: @site.name }
         assert_response :ok
 
-        get v1_sites_allowed_url, params: { domain: SecureRandom.hex }
+        get v1_sites_allowed_url, headers: @authorization,
+                                  params: { domain: SecureRandom.hex }
         assert_response :not_found
       end
+
+      test 'se puede obtener un listado de todos' do
+        get v1_sites_url, headers: @authorization, as: :json
+        assert_equal [@site.name], JSON.parse(response.body)
+      end
     end
   end
 end