diff --git a/backend/flaschengeist_events/event_controller.py b/backend/flaschengeist_events/event_controller.py
index c835688..9b988de 100644
--- a/backend/flaschengeist_events/event_controller.py
+++ b/backend/flaschengeist_events/event_controller.py
@@ -2,6 +2,7 @@ from datetime import datetime, timedelta, timezone
 from enum import IntEnum
 from typing import Optional, Tuple
 from flaschengeist.models import UtcDateTime
+from flaschengeist.models.user import User
 
 from werkzeug.exceptions import BadRequest, Conflict, NotFound
 from sqlalchemy.exc import IntegrityError
@@ -339,6 +340,12 @@ def get_invitation(id: int):
     return inv
 
 
+def get_invitations(user: User):
+    return Invitation.query.filter(
+        (Invitation.invitee_ == user) | (Invitation.inviter_ == user) | (Invitation.transferee_ == user)
+    ).all()
+
+
 def cancel_invitation(inv: Invitation):
     db.session.delete(inv)
     db.session.commit()
diff --git a/backend/flaschengeist_events/routes.py b/backend/flaschengeist_events/routes.py
index b9c674f..18d184e 100644
--- a/backend/flaschengeist_events/routes.py
+++ b/backend/flaschengeist_events/routes.py
@@ -397,6 +397,12 @@ def get_jobs(current_session: Session):
     return jsonify({"count": count, "result": result})
 
 
+@EventPlugin.blueprint.route("/events/jobs/<int:job_id>", methods=["GET"])
+@login_required()
+def get_job(job_id, current_session: Session):
+    return jsonify(event_controller.get_job(job_id))
+
+
 @EventPlugin.blueprint.route("/events/jobs/<int:job_id>/assign", methods=["POST"])
 @login_required()
 def assign_job(job_id, current_session: Session):
@@ -498,12 +504,18 @@ def invite(current_session: Session):
         raise BadRequest
 
 
+@EventPlugin.blueprint.route("/events/invitations", methods=["GET"])
+@login_required()
+def get_invitations(current_session: Session):
+    return jsonify(event_controller.get_invitations(current_session.user_))
+
+
 @EventPlugin.blueprint.route("/events/invitations/<int:invitation_id>", methods=["GET"])
 @login_required()
 def get_invitation(invitation_id: int, current_session: Session):
     inv = event_controller.get_invitation(invitation_id)
     if current_session.userid not in [inv.invitee_id, inv.inviter_id, inv.transferee_id]:
-        raise Forbidden
+        raise NotFound
     return jsonify(inv)