diff --git a/README.md b/README.md
index 00ab3c4..8087889 100644
--- a/README.md
+++ b/README.md
@@ -153,4 +153,4 @@ Users with ReadOnly role will receive Forbidden error when calling this API endp
 #### List
 GET `/api/secret/list`
 
-Not yet implemented. Will generate a list of device names and categories but not username or secret data.
\ No newline at end of file
+Will generate a list of device names and categories but not secret data.
\ No newline at end of file
diff --git a/main.go b/main.go
index 7ce6ffb..4015e49 100644
--- a/main.go
+++ b/main.go
@@ -148,12 +148,12 @@ func main() {
 	protected := router.Group("/api/secret")
 	protected.Use(middlewares.JwtAuthMiddleware())
 	protected.POST("/retrieve", controllers.RetrieveSecret)
-	protected.POST("/list", controllers.ListSecrets)
+	protected.GET("/list", controllers.ListSecrets)
 	protected.POST("/retrieveMultiple", controllers.RetrieveMultpleSecrets)
 	protected.POST("/store", controllers.StoreSecret)
 	protected.POST("/update", controllers.UpdateSecret)
 
-	// TODO - support parameters in path
+	// Support parameters in path
 	// See https://gin-gonic.com/docs/examples/param-in-path/
 	protected.GET("/retrieve/name/:devicename", controllers.RetrieveSecretByDevicename)
 	protected.GET("/retrieve/category/:devicecategory", controllers.RetrieveSecretByDevicecategory)