diff --git a/clientsdb.py b/clientsdb.py index bc6414f..c856cd3 100644 --- a/clientsdb.py +++ b/clientsdb.py @@ -4,8 +4,6 @@ #import site packages import json -import hmac -import bcrypt #import local packages import ioconfig @@ -20,12 +18,13 @@ def addclient(vmid, vmname, clientid, clientname, clientemail, vmpass): else: ioconfig.logger.info('client[{}]> does not exist. creating...'.format(clientid)) #generate password and send it to the client - newpass = utils.genpassword(30) - ioconfig.logger.info('client[{}]> initial password is: {}'.format(clientid, newpass)) - salt = bcrypt.gensalt() - b_newpass = newpass.encode('ascii') - encpasswd = bcrypt.hashpw(b_newpass, salt).decode('ascii') - vcard = { 'name':str(clientname), 'email':str(clientemail), 'encpasswd':str(encpasswd), 'id':str(clientid) } + #newpass = utils.genpassword(30) + #ioconfig.logger.info('client[{}]> initial password is: {}'.format(clientid, newpass)) + #salt = bcrypt.gensalt() + #b_newpass = newpass.encode('ascii') + #encpasswd = bcrypt.hashpw(b_newpass, salt).decode('ascii') + #vcard = { 'name':str(clientname), 'email':str(clientemail), 'encpasswd':str(encpasswd), 'id':str(clientid) } + vcard = { 'name':str(clientname), 'email':str(clientemail), 'id':str(clientid) } newclient = { str(clientid):vcard } clientsdb.update(newclient) #Send initial email to the user as we will use the internal auth from now on. 
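Review bot: The removed password-generation lines in addclient are kept as six commented-out lines above the new `vcard` assignment instead of being deleted; bcrypt hashing and the `initial password is:` log line are in git history, and leaving that logger call inline invites someone to uncomment it and write a plaintext credential to the log again. The context comment that now follows the new `vcard`, `#Send initial email to the user as we will use the internal auth from now on.`, reads as stale too, since there is no longer a generated password to send; something like `# No management password is generated any more; authentication is handled by the internal auth layer.` would match the new code. addclient's body continues outside the hunk, so whether the email send still references `newpass` cannot be seen here.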
@@ -38,86 +37,27 @@ def addclient(vmid, vmname, clientid, clientname, clientemail, vmpass): writeclientsdb(clientsdb) -def setencpasswd(clientemail, newpass): - """ setup a new management password """ - salt = bcrypt.gensalt() - b_newpass = newpass.encode('ascii') - encpasswd = bcrypt.hashpw(b_newpass, salt).decode('ascii') - - try: - clientsdb = readclientsdb() - path = utils.get_path(clientsdb, clientemail) - c_id = str(path[0]) - #check the returned path with forward query - query = clientsdb[c_id]['email'] - #ioconfig.logger.info('client[{}]> path={}'.format(c_id, str(path))) - except: - ioconfig.logger.critical('clients> client {} not found'.format(clientemail)) - raise - - if query != clientemail: - ioconfig.logger.critical('clients> test query returns different vmname! check clients db for consistency!') - raise - else: - clientsdb[c_id]['encpasswd'] = encpasswd - ioconfig.logger.info('client[{}]> {} password changed!'.format(c_id, clientemail)) - writeclientsdb(clientsdb) - #TODO: Send new email to the client to notify the password change. This time sending the password in plain text is not needed. - - -def checkin(clientid): +def inventory(clientid): """ returns a list of owned vmids if client id matches the client database. (logged-in users)""" - #1. 
search for the client try: clientsdb = readclientsdb() - c_id = clientsdb[str(clientid)] - #c_id.pop('encpasswd') - email = c_id['email'] - ioconfig.logger.info('client[{}]> {} active'.format(clientid, email)) - return c_id + user = clientsdb[str(clientid)] + email = user['email'] + + response = {} + for vmid,data in user.items() + response[vmid] = data + response.pop('id') + response.pop('email') + response.pop('name') + + ioconfig.logger.info('client[{}]> {} inventory sent.'.format(clientid, email)) + return response except: - ioconfig.logger.error('clients> user id: {} could not be checked.'.format(clientid)) + ioconfig.logger.error('clients> user id: {} could not be listed.'.format(clientid)) return None -def validate(clientemail, password): - """ returns a list of owned vmids if credentials match an user from the database. (fresh logins)""" - #1. search for the client - try: - clientsdb = readclientsdb() - path = utils.get_path(clientsdb, clientemail) - c_id = str(path[0]) - except: - ioconfig.logger.error('clients> {} was not found in the database!'.format(clientemail)) - #log bad ips here... - return None - - #2. check the password - encpass = clientsdb[c_id]['encpasswd'] - b_srvpass = password.encode('ascii', 'ignore') - b_encpass = encpass.encode('ascii', 'ignore') - - if (hmac.compare_digest(bcrypt.hashpw(b_srvpass, b_encpass), b_encpass)): - #login successful - ioconfig.logger.info('client[{}]> {} logged in successfully'.format(c_id, clientemail)) - #TODO: Notify admin - #3. generate vmlist to return the owned ids to the client. - return clientvms(clientsdb[c_id]) - else: - ioconfig.logger.warning('client[{}]> {} access denied!'.format(c_id, clientemail)) - #cant compare password - #TODO: Log attempts and block. 
- return None - - -def clientvms(vmlist): - """ generate vmlist """ - response = {} - for vmid,data in vmlist.items(): - response[vmid] = data - return response - - def vmowner(vmid, vmname, verbose): """ find the owner of the vm """ clientsdb = readclientsdb() 
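Review bot: The new `inventory` loop header `for vmid,data in user.items()` is missing its trailing colon, so clientsdb.py no longer parses and everything importing it fails at import time; the bare `except:` below cannot catch a SyntaxError. The three `response.pop(...)` calls also sit ambiguously beside the loop body in this hunk: if they are inside the loop, the first iteration pops `'id'` from a one-entry dict, raises KeyError, and the bare except turns that into a silent `None`. A single comprehension avoids both problems: `response = {vmid: data for vmid, data in user.items() if vmid not in ('id', 'email', 'name')}`. Stripping the record's own fields is an improvement over `checkin`, which returned the whole client record, but the `except:` should be `except KeyError:` so an unreadable database is not logged as an unknown client. vmowner's body continues outside the hunk.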
@@ -153,6 +93,57 @@ def writeclientsdb(clientsdb): dbw.close() -if __name__ == '__main__': +if __name__ == '__main__' setencpasswd('fqdn', '123456') + +#def validate(clientemail, password): +# """ returns a list of owned vmids if credentials match an user from the database. (fresh logins)""" +# #1. search for the client +# try: +# clientsdb = readclientsdb() +# path = utils.get_path(clientsdb, clientemail) +# c_id = str(path[0]) +# except: +# ioconfig.logger.error('clients> {} was not found in the database!'.format(clientemail)) +# #log bad ips here... +# return None +# #2. check the password +# encpass = clientsdb[c_id]['encpasswd'] +# b_srvpass = password.encode('ascii', 'ignore') +# b_encpass = encpass.encode('ascii', 'ignore') +# if (hmac.compare_digest(bcrypt.hashpw(b_srvpass, b_encpass), b_encpass)): +# #login successful +# ioconfig.logger.info('client[{}]> {} logged in successfully'.format(c_id, clientemail)) +# #3. generate vmlist to return the owned ids to the client. +# return clientvms(clientsdb[c_id]) +# else: +# ioconfig.logger.warning('client[{}]> {} access denied!'.format(c_id, clientemail)) +# #cant compare password +# return None +# +# +#def setencpasswd(clientemail, newpass): +# """ setup a new management password """ +# salt = bcrypt.gensalt() +# b_newpass = newpass.encode('ascii') +# encpasswd = bcrypt.hashpw(b_newpass, salt).decode('ascii') +# try: +# clientsdb = readclientsdb() +# path = utils.get_path(clientsdb, clientemail) +# c_id = str(path[0]) +# #check the returned path with forward query +# query = clientsdb[c_id]['email'] +# #ioconfig.logger.info('client[{}]> path={}'.format(c_id, str(path))) +# except: +# ioconfig.logger.critical('clients> client {} not found'.format(clientemail)) +# raise +# +# if query != clientemail: +# ioconfig.logger.critical('clients> test query returns different vmname! 
check clients db for consistency!') +# raise +# else: +# clientsdb[c_id]['encpasswd'] = encpasswd +# ioconfig.logger.info('client[{}]> {} password changed!'.format(c_id, clientemail)) +# writeclientsdb(clientsdb) + diff --git a/proxmaster.py b/proxmaster.py index 8e3213a..3ad627f 100644 --- a/proxmaster.py +++ b/proxmaster.py @@ -27,7 +27,7 @@ def welcome(): def selector(fn, req, vmid=0): """ try to exec commands """ json = req.context['doc'] - #print(json) #TODO: remove debug print + #print(json) apipass = json['apikey'] if apipass != config.get('general', 'apipass'): status = falcon.HTTP_403 @@ -36,15 +36,9 @@ def selector(fn, req, vmid=0): return status, body try: - if fn == 'validate': - clientemail = json['clientemail'] - passwd = json['password'] - #logger.info('grid> access requested for {} with {}'.format(clientemail, passwd)) - body = clientsdb.validate(clientemail, passwd) - - elif fn == 'checkin': + if fn == 'inventory': clientid = json['clientid'] - body = clientsdb.checkin(clientid) + body = clientsdb.inventory(clientid) elif fn == 'vmcreate': body = plugin.vmcreate(json) @@ -147,18 +141,11 @@ def max_body(limit): return hook -class ValidateResource(object): - @falcon.before(max_body(64 * 1024)) - def on_post(self, req, resp): - """ get clientemail and password, compare it with the client db and returns a list of managed objects """ - resp.status, response = selector('validate', req) - req.context['result'] = response - -class CheckInResource(object): +class InventoryResource(object): @falcon.before(max_body(64 * 1024)) def on_post(self, req, resp): """ get client id, compare it with the client db and returns a list of managed objects """ - resp.status, response = selector('checkin', req) + resp.status, response = selector('inventory', req) req.context['result'] = response class CreateResource(object): 
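Review bot: The changed `if __name__ == '__main__'` line drops its colon, which is a SyntaxError that breaks importing clientsdb.py, and the context line still under it, `setencpasswd('fqdn', '123456')`, calls a function this same commit removes, so even with the colon restored running the module directly raises NameError. Since there is no password to set any more, the whole `__main__` block can go; if a script entry is wanted, `if __name__ == '__main__':` followed by `pass` is the minimum. The ~50 `#`-prefixed lines of `validate` and `setencpasswd` appended below duplicate what the earlier hunk already deletes and are recoverable from history; if they are deliberately kept for later revival, add next to them `# NOTE: reviving these needs the hmac and bcrypt imports restored at the top of the file.` because this commit drops both imports.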
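Review bot: With the `validate` branch removed, the new `inventory` branch in `selector` returns a client's VM list on nothing more than a caller-supplied `clientid` plus the single shared `apipass` checked above the hunk, so any holder of that API key can enumerate every client's inventory by iterating ids. The addclient comment in clientsdb.py suggests authentication has moved to an internal component, but nothing in this diff shows the caller's identity being bound to `clientid`; if an upstream layer does that, state it in the docstring, e.g. `""" dispatch fn; clientid is trusted as-is, the upstream auth layer must bind it to the caller """`, and if it does not, this is an IDOR that `validate` previously prevented. `json['clientid']` also raises KeyError when the field is absent; whether the enclosing `try` handles that depends on its `except`, which lies outside the hunk along with the rest of `selector`.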
@@ -250,11 +237,8 @@ wsgi_app = api = application = falcon.API(middleware=[ ]) # setup routes -res_validate = ValidateResource() -api.add_route('/validate', res_validate) - -res_checkin = CheckInResource() -api.add_route('/checkin', res_checkin) +res_inventory = InventoryResource() +api.add_route('/inventory', res_inventory) res_create = CreateResource() api.add_route('/vmcreate', res_create)