diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 528cc0c4b26f359d9e76302c5e2e85a96c2d89d3..560b3776bbac9ccf269642195725936c80e14ac0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -221,7 +221,8 @@ test-testing:
   script:
     - apt update && apt -y install curl
     - echo "For now, this will be a basic health check i.e. GET / and check for 2xx code."
-    - 'curl -f -H "Accept: application/json" $TESTING_URL'
+    - echo "We are affected by the expried lets encrypt cert?"
+    - 'curl --insecure -I -H "Accept: application/json" $TESTING_URL'
 
 test-production:
   cache: {}
diff --git a/apiserver/main.py b/apiserver/main.py
index bb4e2d885537d0a148962a3488e9f048ec542b53..6f79e2e5a5478e9abba9d293785f7978fefee40a 100644
--- a/apiserver/main.py
+++ b/apiserver/main.py
@@ -6,6 +6,7 @@ import os
 from datetime import timedelta
 from enum import Enum
 from typing import List
+from functools import wraps
 
 from fastapi import FastAPI, HTTPException, Request, status
 from fastapi.param_functions import Depends
@@ -66,6 +67,16 @@ def my_user(token=Depends(oauth2_scheme)):
 def my_auth(form_data: OAuth2PasswordRequestForm = Depends()):
     return authenticate_user(userdb, form_data.username, form_data.password)
 
+def secrets_required(func):
+    @wraps(func)
+    async def wrapper(*args, **kwargs):
+        print(f"And kwargs {kwargs}")
+        user = kwargs.get('user', None)
+        if user is None or not user.has_secrets_access:
+            raise HTTPException(403)
+        return await func(*args, **kwargs)
+    return wrapper
+
 @app.get("/me", response_model=User)
 async def read_users_me(user=Depends(my_user)):
     """return information about the currently logged in user"""
@@ -89,6 +100,7 @@ async def login_for_access_token(user=Depends(my_auth)):
     log.debug("Authenticed User: '%s' requested /token", user.username)
     return {"access_token": access_token, "token_type": "bearer"}
 
+
 @app.get("/", response_model=List[dict[str, str]])
 async def get_types(request: Request = None):
     """
@@ -160,15 +172,13 @@ async def delete_specific_dataset(location_data_type: LocationDataType,
     return adapter.delete(location_data_type, str(dataset_id), user.username)
 
 @app.get("/{location_data_type}/{dataset_id}/secrets")
+@secrets_required
 async def list_dataset_secrets(location_data_type: LocationDataType,
                                   dataset_id: UUID4,
                                   user: User = Depends(my_user)):
     """list the secrets of a specific dataset"""
-    if user.has_secrets_access:
-        log.debug("Authenticed User: '%s' listed the secrets of /%s/%s", user.username, location_data_type.value, dataset_id)
-        return adapter.list_secrets(location_data_type, dataset_id, user)
-    
-    raise HTTPException(403)
+    log.debug("Authenticed User: '%s' listed the secrets of /%s/%s", user.username, location_data_type.value, dataset_id)
+    return adapter.list_secrets(location_data_type, dataset_id, user)
 
 @app.get("/{location_data_type}/{dataset_id}/secrets_values")
 async def list_dataset_secrets(location_data_type: LocationDataType,
@@ -182,39 +192,35 @@ async def list_dataset_secrets(location_data_type: LocationDataType,
         raise HTTPException(403)
 
 @app.get("/{location_data_type}/{dataset_id}/secrets/{key}")
+@secrets_required
 async def get_dataset_secret(location_data_type: LocationDataType,
                                   dataset_id: UUID4,
                                   key: str,
                                   user: User = Depends(my_user)):
     """get the secret of a specific dataset"""
-    if user.has_secrets_access:
-        log.debug("Authenticed User: '%s' listed the secret %s of /%s/%s", user.username, key, location_data_type.value, dataset_id)
-        return adapter.get_secret(location_data_type, dataset_id, key, user)
-    raise HTTPException(403)
+    log.debug("Authenticed User: '%s' listed the secret %s of /%s/%s", user.username, key, location_data_type.value, dataset_id)
+    return adapter.get_secret(location_data_type, dataset_id, key, user)
 
 @app.post("/{location_data_type}/{dataset_id}/secrets")
+@secrets_required
 async def add_update_dataset_secret(location_data_type: LocationDataType,
                                   dataset_id: UUID4,
                                   secret: Secret,
                                   user: User = Depends(my_user)):
     """add or update a secrets to a specific dataset"""
-    if user.has_secrets_access:
-        log.debug("Authenticed User: '%s' added or updated the secret %s of /%s/%s", user.username, secret.key, location_data_type.value, dataset_id)
-        return adapter.add_update_secret(location_data_type, dataset_id, secret.key, secret.secret, user)
-    raise HTTPException(403)
+    log.debug("Authenticed User: '%s' added or updated the secret %s of /%s/%s", user.username, secret.key, location_data_type.value, dataset_id)
+    return adapter.add_update_secret(location_data_type, dataset_id, secret.key, secret.secret, user)
+
 
 @app.delete("/{location_data_type}/{dataset_id}/secrets/{key}")
+@secrets_required
 async def get_dataset_secrets(location_data_type: LocationDataType,
                                   dataset_id: UUID4,
                                   key: str,
                                   user: User = Depends(my_user)):
     """delete a secret from a specific dataset"""
-    if user.has_secrets_access:
-        log.debug("Authenticed User: '%s' deleted the secret %s from /%s/%s", user.username, key, location_data_type.value, dataset_id)
-        return adapter.delete_secret(location_data_type, dataset_id, key, user)
-    raise HTTPException(403)
-
-
+    log.debug("Authenticed User: '%s' deleted the secret %s from /%s/%s", user.username, key, location_data_type.value, dataset_id)
+    return adapter.delete_secret(location_data_type, dataset_id, key, user)
 
 @app.exception_handler(FileNotFoundError)
 async def not_found_handler(request: Request, ex: FileNotFoundError):