diff --git a/app/controllers/aaManager.py b/app/controllers/aaManager.py
new file mode 100644
index 0000000..031c3a9
--- /dev/null
+++ b/app/controllers/aaManager.py
@@ -0,0 +1,46 @@
+from fastapi import APIRouter, Depends, HTTPException
+from sqlmodel import Session, select
+from sqlalchemy.orm import selectinload
+from typing import List
+
+from ..model.models import *
+from ..services.database import engine, get_session, add_and_refresh
+import uuid as gen_uuid
+
+aa_router = APIRouter(prefix="/aa", tags=["AccessAuth"])
+
+#Needs
+#create AA (with linked timetable)
+#Assign AA to group
+#Modify timetable 
+
+@aa_router.post("/add", response_model=AccessAuthorizationResponse)
+def add_aa(*, db: Session = Depends(get_session), aa: AccessAuthorizationCreate):
+    print("Creating accessauth with data: ", aa)
+    timetables = [Timetable.model_validate(t) for t in aa.timetables]
+    db_aa = AccessAuthorizationDB(
+        name=aa.name,
+        is_active=aa.is_active,
+        timetables=timetables
+    )
+    return add_and_refresh(db, db_aa)
+    
+@aa_router.put("/assign/{group_id}/{aa_id}", response_model=GroupResponse)
+def assign_aa(*, db: Session = Depends(get_session), group_id: int, aa_id: int):
+    db_group = db.get(GroupDB, group_id)
+    if db_group is None:
+        raise HTTPException(status_code=404, detail="Group not found")
+    db_aa = db.get(AccessAuthorizationDB, aa_id)
+    if db_aa is None:
+        raise HTTPException(status_code=404, detail="AA not found")
+    if db_aa in db_group.accessauths:
+        raise HTTPException(status_code=400, detail="AA already assigned to group")
+    db_group.accessauths.append(db_aa)
+    return add_and_refresh(db, db_group)
+
+@aa_router.get("/", response_model=List[AccessAuthorizationResponse])
+def get_all_aa(db: Session = Depends(get_session)):
+    return db.exec(
+        select(AccessAuthorizationDB)
+        .options(selectinload(AccessAuthorizationDB.timetables))
+        ).all()
\ No newline at end of file
diff --git a/app/main.py b/app/main.py
index b7e764f..81a34a6 100644
--- a/app/main.py
+++ b/app/main.py
@@ -1,5 +1,5 @@
 from fastapi import FastAPI
-from .controllers import userManager, cardManager, groupManager
+from .controllers import userManager, cardManager, groupManager, aaManager
 from .services.database import create_db_and_tables
 
 app = FastAPI()
@@ -11,3 +11,4 @@ def on_startup():
 app.include_router(userManager.user_router)
 app.include_router(groupManager.group_router)
 app.include_router(cardManager.card_router)
+app.include_router(aaManager.aa_router)
\ No newline at end of file
diff --git a/app/model/models.py b/app/model/models.py
index ddd86ba..3288118 100644
--- a/app/model/models.py
+++ b/app/model/models.py
@@ -53,16 +53,18 @@ class AccessAuthorizationBase(Base):
     name: str = Field(index=True)
     is_active: bool
 
-class AccessAuthorizationDB(Base, table=True):
+class AccessAuthorizationDB(AccessAuthorizationBase, table=True):
     id: int | None = Field(default=None, primary_key=True)
     groups: List["GroupDB"] = Relationship(back_populates="accessauths", link_model=AaGroupLink)
     timetables: List["Timetable"] = Relationship(back_populates="accessauth")
 
 class AccessAuthorizationCreate(AccessAuthorizationBase):
-    pass
+    timetables: List["TimetableCreate"]
 
 class AccessAuthorizationResponse(AccessAuthorizationBase):
     id: int
+    timetables: List["Timetable"]
+    groups: List["GroupDB"]
 
 #### Card
 class Card(Base, table=True):
@@ -71,10 +73,16 @@ class Card(Base, table=True):
     group_id: int | None = Field(default=None, foreign_key="groupdb.id")
     group: GroupDB | None = Relationship(back_populates="cards")
 
-class Timetable(Base, table=True):
-    id: int | None = Field(default=None, primary_key=True)
-    weekday: int
+class TimetableBase(Base):
+    weekday: int = Field(le=7, ge=1)
     starttime: str
-    duration: int
-    accessauth_id: int | None = Field(default=None, foreign_key="accessauthorizationdb.id")
-    accessauth: AccessAuthorizationDB | None = Relationship(back_populates="timetables")
\ No newline at end of file
+    duration: int = Field(gt=0, lt=1440)
+
+class Timetable(TimetableBase, table=True):
+    id: int | None = Field(default=None, primary_key=True)
+    accessauth_id: int = Field(default=None, foreign_key="accessauthorizationdb.id")
+    accessauth: AccessAuthorizationDB = Relationship(back_populates="timetables")
+
+class TimetableCreate(TimetableBase):
+    pass
+
diff --git a/plan.txt b/plan.txt
index 3294030..1b70376 100644
--- a/plan.txt
+++ b/plan.txt
@@ -37,6 +37,11 @@ Plan:
         
     API Specification
         - See http://127.0.0.1:8000/openapi.json or swagger ui
+
+    Workflow:
+        Erstelle gruppe
+        Erstelle AA mit Timeslot
+        Registriere karte -> gruppe
         
     zeitplan
         Hier bin ich nicht sicher, ich denke an cron style für wiederholende dinge aber das kann nur zeitpunkte und keine blöcke.