diff --git a/classes/NetlifyToml.js b/classes/NetlifyToml.js
new file mode 100644
index 000000000..e0b3171b2
--- /dev/null
+++ b/classes/NetlifyToml.js
@@ -0,0 +1,44 @@
+const axios = require('axios')
+const validateStatus = require('../utils/axios-utils')
+
+// Import error
+const { NotFoundError } = require('../errors/NotFoundError')
+
+const GITHUB_ORG_NAME = process.env.GITHUB_ORG_NAME
+const BRANCH_REF = process.env.BRANCH_REF
+
+class NetlifyToml {
+  constructor(accessToken, siteName) {
+    this.accessToken = accessToken
+    this.siteName = siteName
+  }
+
+  async read() {
+    try {
+      const endpoint = `https://api.github.com/repos/${GITHUB_ORG_NAME}/${this.siteName}/contents/netlify.toml`
+      
+      const params = {
+        "ref": BRANCH_REF,
+      }
+
+      const resp = await axios.get(endpoint, {
+        validateStatus,
+        params,
+        headers: {
+          Authorization: `token ${this.accessToken}`,
+          "Content-Type": "application/json"
+        }
+      })
+
+      if (resp.status === 404) throw new NotFoundError ('netlify.toml file does not exist')
+
+      const { content, sha } = resp.data
+      return { content, sha }
+
+    } catch (err) {
+      throw err
+    }
+  }
+}
+
+module.exports = { NetlifyToml }
\ No newline at end of file
diff --git a/middleware/auth.js b/middleware/auth.js
index ecdb801f2..68ca6df7e 100644
--- a/middleware/auth.js
+++ b/middleware/auth.js
@@ -115,6 +115,9 @@ auth.post('/sites/:siteName/resources/:resourceName/rename/:newResourceName', ve
 auth.get('/sites/:siteName/settings', verifyJwt)
 auth.post('/sites/:siteName/settings', verifyJwt)
 
+// Netlify toml
+auth.get('/sites/:siteName/netlify-toml', verifyJwt)
+
 // Sites
 auth.get('/sites', verifyJwt)
 
diff --git a/routes/netlifyToml.js b/routes/netlifyToml.js
new file mode 100644
index 000000000..a470029df
--- /dev/null
+++ b/routes/netlifyToml.js
@@ -0,0 +1,32 @@
+const express = require('express')
+const router = express.Router()
+const toml = require('toml')
+
+// Import middleware
+const { attachRouteHandlerWrapper } = require('../middleware/routeHandler')
+
+// Import classes 
+const { NetlifyToml } = require('../classes/NetlifyToml')
+
+// List resources
+async function getNetlifyToml (req, res, next) {
+  const { accessToken } = req
+  const { siteName } = req.params
+
+  const netlifyTomlFile = new NetlifyToml(accessToken, siteName)
+  
+  const { content } = await netlifyTomlFile.read()
+  
+  // Convert to readable form
+  const netlifyTomlReadableContent = toml.parse(Base64.decode(content))
+  
+  // Headers is an array of objects, specifying a set of access rules for each specified path
+  // Under our current assumption, we apply the first set of access rules to all paths
+  const netlifyTomlHeaderValues = netlifyTomlReadableContent.headers[0].values
+
+  res.status(200).json({ netlifyTomlHeaderValues })
+}
+
+router.get('/:siteName/netlify-toml', attachRouteHandlerWrapper(getNetlifyToml))
+
+module.exports = router;
\ No newline at end of file
diff --git a/server.js b/server.js
index e773c8a50..860e2c161 100644
--- a/server.js
+++ b/server.js
@@ -28,6 +28,7 @@ const menuRouter = require('./routes/menus')
 const homepageRouter = require('./routes/homepage')
 const menuDirectoryRouter = require('./routes/menuDirectory')
 const settingsRouter = require('./routes/settings')
+const netlifyTomlRouter = require('./routes/netlifyToml')
 
 const app = express();
 
@@ -61,6 +62,7 @@ app.use('/sites', menuRouter)
 app.use('/sites', homepageRouter)
 app.use('/sites', menuDirectoryRouter)
 app.use('/sites', settingsRouter)
+app.use('/sites', netlifyTomlRouter)
 
 // catch 404 and forward to error handler
 app.use(function(req, res, next) {