diff --git a/appinfo/routes.php b/appinfo/routes.php
index 74e8f5712..2ce8be12c 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -59,12 +59,16 @@
 		],
 
 		// API routes v3
+		// Forms
 		['name' => 'api#getForms', 'url' => '/api/{apiVersion}/forms', 'verb' => 'GET', 'requirements' => $requirements_v3],
 		['name' => 'api#newForm', 'url' => '/api/{apiversion}/forms', 'verb' => 'POST', 'requirements' => $requirements_v3],
 		['name' => 'api#getForm', 'url' => '/api/{apiVersion}/forms/{id}', 'verb' => 'GET', 'requirements' => $requirements_v3],
 		['name' => 'api#updateForm', 'url' => '/api/{apiVersion}/forms/{id}', 'verb' => 'PATCH', 'requirements' => $requirements_v3],
 		['name' => 'api#deleteForm', 'url' => '/api/{apiVersion}/forms/{id}', 'verb' => 'DELETE', 'requirements' => $requirements_v3],
 
+		// Questions
+		['name' => 'api#getQuestions', 'url' => '/api/{apiVersion}/forms/{id}/questions', 'verb' => 'GET', 'requirements' => $requirements_v3],
+
 		// Legacy v2 routes (TODO: remove with Forms v5)
 		// Forms
 		['name' => 'api#getFormsLegacy', 'url' => '/api/{apiVersion}/forms', 'verb' => 'GET', 'requirements' => [
diff --git a/lib/Controller/ApiController.php b/lib/Controller/ApiController.php
index fdba8c487..3200f1d03 100644
--- a/lib/Controller/ApiController.php
+++ b/lib/Controller/ApiController.php
@@ -96,6 +96,7 @@ public function __construct(
 	}
 
 	// API v3 methods
+	// Forms
 	/**
 	 * @CORS
 	 * @NoAdminRequired
@@ -357,6 +358,36 @@ public function deleteForm(int $id): DataResponse {
 		return new DataResponse($id);
 	}
 
+	// Questions
+	/**
+	 * @CORS
+	 * @NoAdminRequired
+	 *
+	 * Read all questions (including options)
+	 *
+	 * @param int $id FormId
+	 * @return DataResponse
+	 * @throws OCSBadRequestException
+	 * @throws OCSForbiddenException
+	 */
+	public function getQuestions(int $id): DataResponse {
+		try {
+			$form = $this->formMapper->findById($id);
+		} catch (IMapperException $e) {
+			$this->logger->debug('Could not find form');
+			throw new OCSBadRequestException();
+		}
+
+		if (!$this->formsService->hasUserAccess($form)) {
+			$this->logger->debug('User has no permissions to get this form');
+			throw new OCSForbiddenException();
+		}
+
+		$questionData = $this->formsService->getQuestions($id);;
+
+		return new DataResponse($questionData);
+	}
+
 	/*
 	/* Legacy API v2 methods (TODO: remove with Forms v5)
 	 */