diff --git a/package.json b/package.json
index 9b51df4..d62c954 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,12 @@
     "jscs": "^1.13.1",
     "js-beautify": "^1.5.5",
     "jshint": "^2.7.0",
-    "mocha": "^2.2.5"
+    "mocha": "^2.2.5",
+    "request": "~2.57.0",
+    "habitat": "~3.1.2",
+    "jade": "~1.10.0",
+    "simple-oauth2": "https://github.com/ORCID/simple-oauth2/archive/MASTER_2015_06_03.tar.gz",
+    "express-session": "~1.11.2"
   },
   "engines": {
     "node": "0.12.2"
diff --git a/src/badgeClient.js b/src/badgeClient.js
new file mode 100644
index 0000000..0b778f2
--- /dev/null
+++ b/src/badgeClient.js
@@ -0,0 +1,10 @@
+var ApiClient = require('badgekit-api-client');
+
+module.exports = function(config) {
+	var auth = {
+      key: config.BADGES_KEY,
+      secret: config.BADGES_SECRET
+    };   
+
+    return new ApiClient(config.BADGES_ENDPOINT, auth);
+}
\ No newline at end of file
diff --git a/src/badgeService.js b/src/badgeService.js
new file mode 100644
index 0000000..c656a87
--- /dev/null
+++ b/src/badgeService.js
@@ -0,0 +1,77 @@
+module.exports = function (apiClient, config) {  
+  var system = config.BADGES_SYSTEM;
+  // orcidRe = /(\d{4}-\d{4}-\d{4}-\d{4})@orcid\.org/;
+  // Url = require('url');
+
+  function emailFromORCID(orcid) {
+    return orcid + '@orcid.org';
+  }
+
+  // function ORCIDFromEmail(email) {
+  //   var m = orcidRe.exec(email);
+  //   if (m !== null) {
+  //     return m[1];
+  //   }
+  // }
+
+  function modEntry(entry, orcid) {
+    entry.orcid = orcid;
+    delete entry.email;
+    return true;
+  }
+
+  // function urlFromDOI(doi) {
+  //   return 'http://dx.doi.org/' + doi;
+  // }
+
+  // function DOIFromURL(url) {
+  //   // pathname should be '/10.1371/journal.pbio.1002126' from 'http://dx.doi.org/10.1371/journal.pbio.1002126'
+  //   return encodeURI(Url.parse(url).pathname) || url;
+  // }
+
+  function _getBadges(orcid, badge) {
+    return function(callback) {
+      var filtered;
+      apiClient.getBadgeInstances({
+        system: system
+      }, emailFromORCID(orcid), function (err, badges) {
+        if (err) {
+          console.error(err);
+          return callback(err);
+        }
+        // filter for the badge
+        if (badges) {
+          filtered = badges.filter(function (entry) {
+            return (entry.badge.slug === badge) ? modEntry(entry, orcid) : false;
+          });
+        }
+
+        if (filtered && filtered.length === 0) {
+          callback('not found');
+        } else {
+          callback(null, filtered);
+        }
+      });
+    }        
+  }
+
+  function _getAllBadges() {    
+    return function(callback) {      
+      apiClient.getAllBadges({
+        system: system
+      }, function (err, badges) {
+        if (err) {
+          console.error(err);        
+          callback(err);
+        } else {
+          callback(null, badges);
+        }      
+      });  
+    };    
+  }
+
+  return {
+    getBadges: _getBadges,
+    getAllBadges: _getAllBadges
+  };
+};
diff --git a/test/api.js b/test/api.js
index 17ba81c..dc6fb35 100644
--- a/test/api.js
+++ b/test/api.js
@@ -1,4 +1,4 @@
-var request = require('supertest');
+var request = require('request');
 
 // test config (need to override .env and .env.dist)
 process.env.SESSION_SECRET = 'test_secret'