diff --git a/lib/auth.js b/lib/auth.js
index b50a923f..b98fb923 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -1,6 +1,7 @@
+import { validate } from 'uuid';
 import { parseSecureToken, parseToken, getItem } from 'next-basics';
 import { AUTH_TOKEN, SHARE_TOKEN_HEADER } from './constants';
-import { getWebsiteById } from 'queries';
+import { getWebsite } from 'queries';
 import { secret } from './crypto';
 export async function getAuthToken(req) {
@@ -38,13 +39,12 @@ export async function isValidToken(token, validation) {
 export async function allowQuery(req, skipToken) {
 const { id } = req.query;
 const token = req.headers[SHARE_TOKEN_HEADER];
- const websiteId = +id;
- const website = await getWebsiteById(websiteId);
+ const website = await getWebsite(validate(id) ? { website_uuid: id } : { website_id: +id });
 if (website) {
 if (token && token !== 'undefined' && !skipToken) {
- return isValidToken(token, { website_id: websiteId });
+ return isValidToken(token, { website_id: website.website_id });
 }
 const authToken = await getAuthToken(req);
diff --git a/pages/api/websites/[id]/index.js b/pages/api/websites/[id]/index.js
index bc9cb17f..30592213 100644
--- a/pages/api/websites/[id]/index.js
+++ b/pages/api/websites/[id]/index.js
@@ -1,12 +1,14 @@
 import { getRandomChars, methodNotAllowed, ok, unauthorized } from 'next-basics';
-import { deleteWebsite, getWebsiteById, updateWebsite } from 'queries';
+import { deleteWebsite, getWebsite, getWebsiteById, updateWebsite } from 'queries';
 import { allowQuery } from 'lib/auth';
 import { useAuth, useCors } from 'lib/middleware';
+import { validate } from 'uuid';
 export default async (req, res) => {
 const { id } = req.query;
 const websiteId = +id;
+ const where = validate(id) ? { website_uuid: id } : { website_id: +id };
 if (req.method === 'GET') {
 await useCors(req, res);
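Review bot: In `allowQuery`, any `id` that is not a UUID string falls through to `{ website_id: +id }`, so a non-numeric value reaches `getWebsite` as `NaN`, an array-valued `req.query.id` takes the same branch, and loose forms such as `'0x10'` are coerced to a number. I would validate before the lookup, e.g. `if (!validate(id) && !/^\d+$/.test(id)) return false;` (assuming `allowQuery` answers `false` for an unknown website; that part is outside the hunk). A malformed id then fails authorization cleanly instead of presumably surfacing as a Prisma validation error. The same ternary is repeated in the `where` line of pages/api/websites/[id]/index.js, so a shared helper would keep the two lookups in step.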
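Review bot: `const websiteId = +id;` stays next to the new `where` in pages/api/websites/[id]/index.js, so for a UUID request `websiteId` is `NaN` while `allowQuery` has already authorized the request against the UUID row. The `getWebsiteById`, `updateWebsite` and `deleteWebsite` imports are retained, which suggests branches outside the hunk still use `websiteId`; this needs confirming, since they are not visible here. The check and the later action should be keyed to the same resolved row, e.g. `const website = await getWebsite(where); const websiteId = website?.website_id;`. The handler body continues past the hunk.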
@@ -15,7 +17,7 @@ export default async (req, res) => {
 return unauthorized(res);
 }
- const website = await getWebsiteById(websiteId);
+ const website = await getWebsite(where);
 return ok(res, website);
 }
diff --git a/queries/admin/website/getWebsite.js b/queries/admin/website/getWebsite.js
new file mode 100644
index 00000000..83c3e83a
--- /dev/null
+++ b/queries/admin/website/getWebsite.js
@@ -0,0 +1,7 @@
+import prisma from 'lib/prisma';
+
+export async function getWebsite(where) {
+ return prisma.client.website.findUnique({
+ where,
+ });
+}
diff --git a/queries/index.js b/queries/index.js
index 35d79215..d6b4093a 100644
--- a/queries/index.js
+++ b/queries/index.js
@@ -9,6 +9,7 @@ export * from './admin/website/createWebsite';
 export * from './admin/website/deleteWebsite';
 export * from './admin/website/getAllWebsites';
 export * from './admin/website/getUserWebsites';
+export * from './admin/website/getWebsite';
 export * from './admin/website/getWebsiteById';
 export * from './admin/website/getWebsiteByShareId';
 export * from './admin/website/getWebsiteByUuid';
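Review bot: The new `getWebsite` in queries/admin/website/getWebsite.js passes its `where` argument to `findUnique` unchanged and has no doc comment stating what callers may pass. Both callers in this commit build `where` from fixed keys (`website_uuid` or `website_id`), and that contract is worth writing down so a later caller does not hand it an object taken from the request. I would add `/** Look up one website by a unique key; where is { website_id } or { website_uuid }, built by the caller from fixed keys, never a request-derived object. */` above the function.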