diff --git a/app/api.rb b/app/api.rb
index 1387c659..ff75e7ba 100644
--- a/app/api.rb
+++ b/app/api.rb
@@ -5,6 +5,31 @@ get '/api' do
   erb :'api'
 end
 
+get '/api/list' do
+  require_api_credentials
+
+  files = []
+
+  if params[:path].nil? || params[:path].empty?
+    file_list = current_site.site_files
+  else
+    file_list = current_site.file_list params[:path]
+  end
+
+  file_list.each do |file|
+    new_file = {}
+    new_file[:path] = file[:path]
+    new_file[:is_directory] = file[:is_directory]
+    new_file[:size] = file[:size] unless file[:is_directory]
+    new_file[:updated_at] = file[:updated_at].rfc2822
+    files << new_file
+  end
+
+  files.each {|f| f[:path].sub!(/^\//, '')}
+
+  api_success files: files
+end
+
 post '/api/upload' do
   require_api_credentials
 
diff --git a/tests/api_tests.rb b/tests/api_tests.rb
index 668589f8..de50312b 100644
--- a/tests/api_tests.rb
+++ b/tests/api_tests.rb
@@ -14,6 +14,46 @@ def create_site(opts={})
   @pass = site_attr[:password]
 end
 
+describe 'api list' do
+  it 'returns all files without path' do
+    create_site
+    basic_authorize @user, @pass
+    get '/api/list'
+
+    res[:result].must_equal 'success'
+    res[:files].length.must_equal @site.site_files.length
+
+    res[:files].each do |file|
+      site_file = @site.site_files.select {|s| s[:path] == file[:path]}.first
+      site_file[:is_directory].must_equal file[:is_directory]
+      site_file[:size].must_equal file[:size]
+      site_file[:updated_at].rfc2822.must_equal file[:updated_at]
+    end
+  end
+
+  it 'shows empty array for missing path' do
+    create_site
+    basic_authorize @user, @pass
+    get '/api/list', path: '/fail'
+    res[:result].must_equal 'success'
+    res[:files].must_equal []
+  end
+
+  it 'shows files in path' do
+    create_site
+    tempfile = Tempfile.new
+    tempfile.write('meep html')
+    @site.store_files [{filename: '/derp/test.html', tempfile: tempfile}]
+    basic_authorize @user, @pass
+    get '/api/list', path: '/derp'
+    res[:result].must_equal 'success'
+    res[:files].length.must_equal 1
+    file = res[:files].first
+    file[:path].must_equal 'derp/test.html'
+    file[:updated_at].must_equal @site.site_files.select {|s| s.path == 'derp/test.html'}.first.updated_at.rfc2822
+  end
+end
+
 describe 'api info' do
   it 'fails for no input' do
     get '/api/info'
diff --git a/views/api.erb b/views/api.erb
index ec688c67..9f212f88 100644
--- a/views/api.erb
+++ b/views/api.erb
@@ -83,7 +83,7 @@ api.upload([
   <code>
     curl -d "filenames[]=img1.jpg" -d "filenames[]=img2.jpg" \<br> https://YOURUSER:YOURPASS@neocities.org/api/delete
   </code>
-  
+
   <h6>Using Node.js</h6>
   <pre>
 var NeoCities = require('neocities')
@@ -92,6 +92,59 @@ var api = new NeoCities('YOURUSERNAME', 'YOURPASSWORD')
 api.delete(['img1.jpg', 'img2.jpg'], function(resp) {
   console.log(resp)
 })</pre>
+  <h2>GET /api/list</h2>
+  <p>
+    This call provides a list of files for your site. If you pass no arguments, it will return a list of all files. If you provide a <strong>path</strong> argument, it will return a list of files for the path. Dates conform to <strong>RFC2822</strong>.
+  </p>
+  <h3>Examples</h3>
+  <h6>Using cURL</h6>
+  <pre>
+$ curl https://USER:PASS@neocities.org/api/list
+{
+  "result": "success",
+  "files": [
+    {
+      "path": "index.html",
+      "is_directory": false,
+      "size": 1023,
+      "updated_at": "Sat, 13 Feb 2016 03:04:00 -0000"
+    },
+    {
+      "path": "not_found.html",
+      "is_directory": false,
+      "size": 271,
+      "updated_at": "Sat, 13 Feb 2016 03:04:00 -0000"
+    },
+    {
+      "path": "images",
+      "is_directory": true,
+      "updated_at": "Sat, 13 Feb 2016 03:04:00 -0000"
+    },
+    {
+      "path": "images/cat.png",
+      "is_directory": false,
+      "size": 16793,
+      "updated_at": "Sat, 13 Feb 2016 03:04:00 -0000"
+    }
+  ]
+}
+</pre>
+
+<pre>
+$ curl "https://USER:PASS@neocities.org/api/list?path=images"
+{
+  "result": "success",
+  "files": [
+    {
+      "path": "images/cat.png",
+      "is_directory": false,
+      "size": 16793,
+      "updated_at": "Sat, 13 Feb 2016 03:04:00 -0000"
+    }
+  ]
+}
+</pre>
+
   <h2>GET /api/info</h2>
   <p>
     This call lets you retreive information about a web site. This call does not require site authorization if you provide a <strong>sitename</strong> argument. Note that the sitename is the same as a username. If you provide auth credentials, you will receive the info for the auth user's site. Dates conform to <strong>RFC2822</strong> format, and there are helpers for parsing it into a time object for most programming languages.