diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 3c8039f..33444c4 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -57,9 +57,7 @@
 end
 end
 end
-
-
-
+
 # DELETE /users/1
 # DELETE /users/1.json
@@ -72,4 +70,35 @@
 format.json { head :no_content }
 end
 end
+
+ def admin_index
+ if user_signed_in? && current_user.is_org_admin? then
+ respond_to do |format|
+ format.html # index.html.erb
+ format.json { render json: @organisation_users }
+ end
+ else
+ render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false)
+ end
+ end
+
+ def api_update
+ if user_signed_in? && current_user.is_org_admin? then
+ unless params[:user_ids].nil?
+ # find excluded user_id's
+ excluded_ids = params[:user_ids]
+ excluded_ids.each do |user_id|
+ User.find(user_id).remove_token
+ end
+ # remove their api_tokens
+ # find included user id's
+ params[:user_ids].each do |user_id|
+ User.find(user_id).keep_or_generate_token
+ end
+ # keep_or_generate_token
+ end
+ else
+ render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false)
+ end
+ end
 end
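Review bot: In `api_update`, `User.find(user_id)` takes ids straight from `params[:user_ids]` with no visible restriction to the signed-in admin's organisation, so the `is_org_admin?` check alone appears to let any org admin remove or issue API tokens for users outside their own organisation. The same list also feeds both loops (`excluded_ids = params[:user_ids]`), so every submitted user gets `remove_token` followed by `keep_or_generate_token`, nobody who was left out of the list is ever revoked, and an empty selection skips the block entirely, which contradicts the hunk's own comments about excluded and included users. I would iterate over the organisation's own members and decide per user, as sketched below, where `org_members` is a placeholder for whatever relation this app uses for the admin's organisation (not visible in this hunk). The success path also renders nothing explicit, and the admin guard repeated in `admin_index` and `api_update` would read better as one shared filter.

```ruby
def api_update
  if user_signed_in? && current_user.is_org_admin? then
    # org_members is a placeholder: the relation holding the signed-in admin's own organisation users
    selected_ids = Array(params[:user_ids]).map(&:to_s)
    org_members.each do |user|
      if selected_ids.include?(user.id.to_s)
        user.keep_or_generate_token
      else
        user.remove_token
      end
    end
  # … unchanged: else branch rendering public/403.html …
```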