diff --git a/api/api.go b/api/api.go
index ef67c3e..14550af 100644
--- a/api/api.go
+++ b/api/api.go
@@ -23,7 +23,7 @@ func SetupApp(app *fiber.App) {
 	api.Get("/events", eventController.GetAllEvents)
 	api.Post("/register", userController.RegisterForEvent)
 	api.Get("/rsvp", userController.RsvpForEvent)
-	api.Get("/event/:slug/registrations", eventController.GetEventRegistrationsCount)
+	api.Get("/event/:slug/registrations/:secret", eventController.GetEventRegistrationsCount)
 	protected := api.Use(authController.AuthenticateAdmin)
 	protected.Get("/users", eventController.GetEventUsers)
 	protected.Get("/user/:userId", userController.GetUserById)
diff --git a/api/events/controller/eventController.go b/api/events/controller/eventController.go
index 622d420..9a986fd 100644
--- a/api/events/controller/eventController.go
+++ b/api/events/controller/eventController.go
@@ -14,6 +14,7 @@ import (
 	userModel "github.com/srm-kzilla/events/api/users/model"
 	"github.com/srm-kzilla/events/database"
 	helpers "github.com/srm-kzilla/events/utils/helpers"
+	"github.com/srm-kzilla/events/utils/services"
 	S3 "github.com/srm-kzilla/events/utils/services/s3"
 	"github.com/srm-kzilla/events/validators"
 	"go.mongodb.org/mongo-driver/bson"
@@ -512,6 +513,14 @@ Get event totaal registrations count by event slug.
 */
 func GetEventRegistrationsCount(c *fiber.Ctx) error {
 	slug := c.Params("slug")
+
+	secret := c.Params("secret")
+	if !services.VerifyRouteSecret(secret) {
+		return c.Status(fiber.StatusBadGateway).JSON(fiber.Map{
+			"error": "Invalid route secret",
+		})
+	}
+
 	usersCollection, e := database.GetCollection(os.Getenv("DB_NAME"), "Users")
 	if e != nil {
 		fmt.Println("Error: ", e)
diff --git a/utils/services/services.go b/utils/services/services.go
index adfcc35..f76656b 100644
--- a/utils/services/services.go
+++ b/utils/services/services.go
@@ -17,3 +17,8 @@ func GenerateCollegeYearRegistrationPrefix() (firstYearPrefix, secondYearPrefix,
 	fourthYearPrefix = "RA" + strconv.Itoa(currentFirstYear-3)
 	return firstYearPrefix, secondYearPrefix, thirdYearPrefix, fourthYearPrefix, nil
 }
+
+func VerifyRouteSecret(secret string) bool {
+	routeSecret := os.Getenv("ROUTE_SECRET")
+	return secret == routeSecret
+}