diff --git a/modul/host/api.go b/modul/host/api.go
index bac79dc..3cc310f 100644
--- a/modul/host/api.go
+++ b/modul/host/api.go
@@ -39,6 +39,10 @@ func BindAPI(db *gorm.DB, router *goji.Mux, prefix string) {
 	router.HandleFuncC(pat.Post(prefix+"/database"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseAdd))))
 	router.HandleFuncC(pat.Patch(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseEdit))))
 	router.HandleFuncC(pat.Delete(prefix+"/database/:databaseid"), libapi.SessionHandler(system.LoginHandler(ProfilHandler(databaseDelete))))
+
+	// ADMIN APIS
+	router.HandleFuncC(pat.Get(prefix+"/profils"), libapi.SessionHandler(system.LoginHandler(profilList)))
+	router.HandleFuncC(pat.Patch(prefix+"/profil/:id"), libapi.SessionHandler(system.LoginHandler(toggleReseller)))
 }
 
 func checkSignup(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
diff --git a/modul/host/apiprofil.go b/modul/host/apiprofil.go
new file mode 100644
index 0000000..b067e62
--- /dev/null
+++ b/modul/host/apiprofil.go
@@ -0,0 +1,58 @@
+package host
+
+import (
+	"net/http"
+	"strconv"
+
+	"goji.io/pat"
+	"golang.org/x/net/context"
+
+	libapi "dev.sum7.eu/sum7/warehost/lib/api"
+	system "dev.sum7.eu/sum7/warehost/system"
+)
+
+func profilList(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
+	login := ctx.Value("login").(*system.Login)
+	returndata = false
+	logger := log.GetLog(r, "toggleReseller")
+	if !login.Superadmin {
+		returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "not a superadmin"}
+		w.WriteHeader(http.StatusUnauthorized)
+		logger.Warn("not a superadmin")
+		return
+	}
+	var profils []*Profil
+	dbconnection.Preload("Login").Find(&profils)
+	returndata = profils
+	return
+}
+
+func toggleReseller(ctx context.Context, w http.ResponseWriter, r *http.Request) (returndata interface{}, returnerr *libapi.ErrorResult) {
+	login := ctx.Value("login").(*system.Login)
+	returndata = false
+	logger := log.GetLog(r, "toggleReseller")
+	if !login.Superadmin {
+		returnerr = &libapi.ErrorResult{Fields: []string{"session"}, Message: "not a superadmin"}
+		w.WriteHeader(http.StatusUnauthorized)
+		logger.Warn("not a superadmin")
+		return
+	}
+	id, err := strconv.ParseInt(pat.Param(ctx, "id"), 10, 64)
+	if err != nil {
+		returnerr = &libapi.ErrorResult{Message: "Error invalid input"}
+		logger.Warn("invalid userinput, no integer")
+		return
+	}
+	logger = logger.WithField("id", id)
+	var profil = Profil{ID: id}
+	dbconnection.Where("id = ?", profil.ID).First(&profil)
+	profil.Reseller = !profil.Reseller
+	if err := dbconnection.Save(profil).Error; err != nil {
+		logger.Error("database: during modify host profil: ", err)
+		w.WriteHeader(http.StatusInternalServerError)
+		returnerr = &libapi.ErrorResult{Message: "Internal Database Error with Database"}
+		return
+	}
+	returndata = true
+	return
+}
diff --git a/modul/host/apiprofil_test.go b/modul/host/apiprofil_test.go
new file mode 100644
index 0000000..7392803
--- /dev/null
+++ b/modul/host/apiprofil_test.go
@@ -0,0 +1,78 @@
+package host
+
+import (
+	"net/http"
+	"strconv"
+	"testing"
+
+	"dev.sum7.eu/sum7/warehost/system"
+	"dev.sum7.eu/sum7/warehost/test"
+)
+
+func TestAPIProfil(t *testing.T) {
+
+	assertion, db, router := test.Init(t)
+	defer db.Close()
+
+	//load system Models to database
+	system.SyncModels(db)
+	db.Unscoped().Delete(Profil{})
+	SyncModels(db)
+
+	// Bind API
+	system.BindAPI(db, router, "")
+	BindAPI(db, router, "/host")
+	session := test.NewSession(router)
+
+	loginTest(session, assertion)
+
+	result, w := session.JSONRequest("DELETE", "/host/delete", nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+
+	// Need a Profile for Next tests
+	result, w = session.JSONRequest("POST", "/host/signup", nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+	assertion.Equal(result.Data, true)
+
+	/*
+	 * TEST profilList
+	 */
+	session.Clean()
+	result, w = session.JSONRequest("GET", "/host/profils", nil)
+	assertion.Equal(w.StatusCode, http.StatusUnauthorized)
+	assertion.Equal(result.Data, false)
+
+	loginTest(session, assertion)
+
+	result, w = session.JSONRequest("GET", "/host/profils", nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+	assertion.NotEqual(result.Data, false)
+
+	/*
+	 * TEST toggleReseller
+	 */
+	result, w = session.JSONRequest("GET", "/host/profils", nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+	assertion.NotEqual(result.Data, false)
+	var id int
+	for _, obj := range result.Data.([]interface{}) {
+		item := obj.(map[string]interface{})
+		id = int(item["ID"].(float64))
+	}
+
+	session.Clean()
+
+	result, w = session.JSONRequest("PATCH", "/host/profil/"+strconv.Itoa(id), nil)
+	assertion.Equal(w.StatusCode, http.StatusUnauthorized)
+	assertion.Equal(result.Data, false)
+
+	loginTest(session, assertion)
+
+	result, w = session.JSONRequest("PATCH", "/host/profil/"+strconv.Itoa(id), nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+	assertion.Equal(result.Data, true)
+
+	result, w = session.JSONRequest("PATCH", "/host/profil/"+strconv.Itoa(id), nil)
+	assertion.Equal(w.StatusCode, http.StatusOK)
+	assertion.Equal(result.Data, true)
+}