diff --git a/app/Http/Controllers/SapFileController.php b/app/Http/Controllers/SapFileController.php
index 8beb7ab..4fdc481 100644
--- a/app/Http/Controllers/SapFileController.php
+++ b/app/Http/Controllers/SapFileController.php
@@ -27,8 +27,20 @@ class SapFileController extends Controller
 
     }
 
-    public function readFiles()
+    public function readFiles(Request $request)
     {
+        $expectedUser = env('API_AUTH_USER');
+        $expectedPw   = env('API_AUTH_PW');
+        $header_auth  = $request->header('Authorization');
+        $expectedToken = $expectedUser . ':' . $expectedPw;
+
+        if ("Bearer " . $expectedToken != $header_auth)
+        {
+            return response()->json([
+                'status_code' => 'ERROR',
+                'status_description' => 'Invalid authorization token!'
+            ], 403);
+        }
 
         $path = "/LaserPRD";