diff --git a/.gitignore b/.gitignore
index 4d5df68..e259287 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,3 +24,6 @@ bin/
 dist/
 hack/cert-manager.yaml
 hack/rootCA.pem
+
+# Bitwarden state file
+.bitwarden-state
diff --git a/README.md b/README.md
index 874c500..4f8c5fc 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,46 @@ Response:
 }
 ```
 
+### GetSecretsByIds
+
+`/rest/api/1/secrets-by-ids`
+
+Method `GET`.
+
+```json
+{
+  "ids": [
+    "f5847eef-2f89-43bc-885a-b18a01178e3e", "0cab75c4-ba26-4996-a8bf-517095857ce3"
+  ]
+}
+```
+
+Response:
+```json
+{
+  "data": [
+    {
+      "creationDate": "2024-04-04",
+      "id": "f5847eef-2f89-43bc-885a-b18a01178e3e",
+      "key": "test",
+      "note": "note",
+      "organizationId": "f5847eef-2f89-43bc-885a-b18a01178e3e",
+      "revisionDate": "2024-04-04",
+      "value": "value"
+    },
+    {
+      "creationDate": "2024-04-05",
+      "id": "0cab75c4-ba26-4996-a8bf-517095857ce3",
+      "key": "test2",
+      "note": "note2",
+      "organizationId": "f5847eef-2f89-43bc-885a-b18a01178e3e",
+      "revisionDate": "2024-04-05",
+      "value": "value2"
+    }
+  ]
+}
+```
+
 ### ListSecrets
 
 `/rest/api/1/secrets`
diff --git a/pkg/server/server.go b/pkg/server/server.go
index 6608907..8439a5a 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -70,6 +70,7 @@ func (s *Server) Run(_ context.Context) error {
 	// The header will always contain the right credentials.
 	warden.Get("/secret", s.getSecretHandler)
 	warden.Get("/secrets", s.listSecretsHandler)
+	warden.Get("/secrets-by-ids", s.getByIdsSecretHandler)
 	warden.Delete("/secret", s.deleteSecretHandler)
 	warden.Post("/secret", s.createSecretHandler)
 	warden.Put("/secret", s.updateSecretHandler)
@@ -111,6 +112,26 @@ func (s *Server) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 	s.handleResponse(secretResponse, w)
 }
 
+func (s *Server) getByIdsSecretHandler(w http.ResponseWriter, r *http.Request) {
+	request := &sdk.SecretsGetRequest{}
+	c, err := s.getClient(r, &request)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+
+		return
+	}
+	defer c.Close()
+
+	secretResponse, err := c.Secrets().GetByIDS(request.IDS)
+	if err != nil {
+		http.Error(w, "failed to get secrets: "+err.Error(), http.StatusBadRequest)
+
+		return
+	}
+
+	s.handleResponse(secretResponse, w)
+}
+
 func (s *Server) listSecretsHandler(w http.ResponseWriter, r *http.Request) {
 	request := &sdk.SecretIdentifiersRequest{}
 	c, err := s.getClient(r, &request)