diff --git a/src/InternshipSystem.Api/Controllers/DocumentsController.cs b/src/InternshipSystem.Api/Controllers/DocumentsController.cs
index d502fb7..a59efb5 100644
--- a/src/InternshipSystem.Api/Controllers/DocumentsController.cs
+++ b/src/InternshipSystem.Api/Controllers/DocumentsController.cs
@@ -1,4 +1,6 @@
 using System.IO;
+using System.Linq;
+using System.Net.Mime;
 using System.Threading;
 using System.Threading.Tasks;
 using InternshipSystem.Api.Queries;
@@ -66,6 +68,7 @@ namespace InternshipSystem.Api.Controllers
         }
 
         [HttpPut("{documentId}/scan")]
+        [Authorize(Policy = Policies.RegisteredOnly)]
         public async Task<ActionResult> AddDocumentScan(long documentId, IFormFile documentScan, [FromServices] User user, CancellationToken cancellationToken)
         {
             await using var memoryStream = new MemoryStream();
@@ -89,5 +92,24 @@ namespace InternshipSystem.Api.Controllers
 
             return Ok();
         }
+        
+        [HttpGet("{documentId}/scan")]
+        [Authorize(Policy = Policies.RegisteredOnly)]
+        public async Task<ActionResult> GetDocumentScan(long documentId, [FromServices] User user, CancellationToken cancellationToken)
+        {
+            var edition = await _context.Editions.FirstAsync(e => e.Id == user.EditionId, cancellationToken);
+
+            var internship =
+                await _context.Entry(edition)
+                    .Collection(e => e.Internships)
+                    .Query()
+                    .Include(i => i.Documentation)
+                    .FirstAsync(i => i.Student.Id == user.PersonNumber, cancellationToken);
+
+            var document = internship.Documentation.First(d => d.Id == documentId);
+            var stream = new MemoryStream(document.Scan);
+            
+            return File(stream, "application/pdf");
+        }
     }
 }
\ No newline at end of file