diff --git a/.gitignore b/.gitignore
index 0384674..d677244 100644
--- a/.gitignore
+++ b/.gitignore
@@ -42,3 +42,4 @@ Thumbs.db
 local.settings.json
 az-login.bat
 /.nx/cache
+/infra/.terraform/
diff --git a/infra/.terraform.lock.hcl b/infra/.terraform.lock.hcl
new file mode 100644
index 0000000..3256db0
--- /dev/null
+++ b/infra/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "3.97.1"
+  constraints = ">= 3.96.0"
+  hashes = [
+    "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=",
+    "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524",
+    "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1",
+    "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72",
+    "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900",
+    "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f",
+    "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec",
+    "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe",
+    "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e",
+    "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4",
+    "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41",
+    "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
diff --git a/infra/apim.tf b/infra/apim.tf
new file mode 100644
index 0000000..5f4f585
--- /dev/null
+++ b/infra/apim.tf
@@ -0,0 +1,113 @@
+variable "MTFSZ_CLIENT_ID" {
+  type = string
+  sensitive = true
+}
+
+variable "MTFSZ_CLIENT_SECRET" {
+  type = string
+  sensitive = true
+}
+
+resource "azurerm_api_management" "apim" {
+  name                = "pontozo-apim-tf"
+  location            = "West Europe"
+  resource_group_name = azurerm_resource_group.tf-rg.name
+  publisher_name      = "Fekete Sámuel"
+  publisher_email     = "feketesamu@gmail.com"
+
+  sku_name = "Consumption_0"
+}
+
+resource "azurerm_api_management_api" "mtfsz-api" {
+  name                  = "mtfsz"
+  resource_group_name   = azurerm_resource_group.tf-rg.name
+  api_management_name   = azurerm_api_management.apim.name
+  revision              = "1"
+  display_name          = "MTFSZ API"
+  protocols             = ["https"]
+  service_url           = "https://api.mtfsz.hu/api/v1_0"
+  subscription_required = true
+  subscription_key_parameter_names {
+    header = "Ocp-Apim-Subscription-Key"
+    query  = "subscription-key"
+  }
+}
+
+resource "azurerm_api_management_api_operation" "get-events" {
+  operation_id        = "get-events"
+  api_name            = azurerm_api_management_api.mtfsz-api.name
+  api_management_name = azurerm_api_management_api.mtfsz-api.api_management_name
+  resource_group_name = azurerm_api_management_api.mtfsz-api.resource_group_name
+  display_name        = "Get all events"
+  method              = "GET"
+  url_template        = "/esemenyek"
+
+  request {
+    query_parameter {
+      name     = "esemeny_id"
+      type     = "integer"
+      required = false
+    }
+  }
+
+
+  response {
+    status_code = 200
+  }
+
+}
+
+resource "azurerm_api_management_api_policy" "mtfsz-api-policy" {
+  api_name            = azurerm_api_management_api.mtfsz-api.name
+  api_management_name = azurerm_api_management_api.mtfsz-api.api_management_name
+  resource_group_name = azurerm_api_management_api.mtfsz-api.resource_group_name
+
+
+  xml_content = <<XML
+<policies>
+    <inbound>
+        <base />
+        <cors allow-credentials="false">
+            <allowed-origins>
+                <origin>http://localhost:3001/</origin>
+                <origin>https://pontozo.mtfsz.hu/</origin>
+            </allowed-origins>
+            <allowed-methods>
+                <method>GET</method>
+            </allowed-methods>
+        </cors>
+        <get-authorization-context provider-id="mtfsz" authorization-id="mtfsz" context-variable-name="auth-context" identity-type="managed" ignore-error="false" />
+        <set-header name="Authorization" exists-action="override">
+            <value>@("Bearer " + ((Authorization)context.Variables.GetValueOrDefault("auth-context"))?.AccessToken)</value>
+        </set-header>
+    </inbound>
+    <backend>
+        <base />
+    </backend>
+    <outbound>
+        <base />
+    </outbound>
+    <on-error>
+        <base />
+    </on-error>
+</policies>
+XML
+}
+
+resource "azurerm_api_management_authorization_server" "mtfsz-oauth" {
+  name                         = "mtfsz"
+  api_management_name          = azurerm_api_management.apim.name
+  resource_group_name          = azurerm_api_management.apim.resource_group_name
+  display_name                 = "MTFSZ OAuth 2.0"
+  authorization_endpoint       = "https://api.mtfsz.hu/oauth/v2/auth"
+  client_registration_endpoint = "https://api.mtfsz.hu/oauth/v2/token"
+  client_id                    = var.MTFSZ_CLIENT_ID
+  client_secret                = var.MTFSZ_CLIENT_SECRET
+
+  grant_types = [
+    "clientCredentials",
+  ]
+  authorization_methods = [
+    "GET",
+  ]
+}
diff --git a/infra/main.tf b/infra/main.tf
new file mode 100644
index 0000000..0c80fdb
--- /dev/null
+++ b/infra/main.tf
@@ -0,0 +1,23 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.96.0"
+    }
+  }
+  cloud {
+    organization = "feketesamu"
+    workspaces {
+      name = "pontozo"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "tf-rg" {
+  name     = "pontozo-tf"
+  location = "Poland Central"
+}