diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationController.java
index 9f4c8a1e2..c72ec3652 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationController.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationController.java
@@ -66,6 +66,12 @@ public ResponseEntity<?> getDisabledMetadataSources() throws ForbiddenException
         return ResponseEntity.ok(dynamicRegistrationService.getDisabledDynamicRegistrations());
     }
 
+    @GetMapping(value = "/DynamicRegistration/{resourceId}", produces = "application/json")
+    @Transactional(readOnly = true)
+    public ResponseEntity<?> getOne(@PathVariable String resourceId) throws ForbiddenException {
+        return ResponseEntity.ok(dynamicRegistrationService.getOne(resourceId));
+    }
+
     @DeleteMapping(value = "/DynamicRegistration/{resourceId}")
     @Transactional
     public ResponseEntity<?> deleteOne(@PathVariable String resourceId) throws ForbiddenException, PersistentEntityNotFound {
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/DynamicRegistrationService.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/DynamicRegistrationService.java
index 735f6357e..ef95ce70b 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/DynamicRegistrationService.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/DynamicRegistrationService.java
@@ -23,6 +23,8 @@ DynamicRegistrationRepresentation approveDynamicRegistration(String resourceId,
 
     List<DynamicRegistrationRepresentation> getDisabledDynamicRegistrations() throws ForbiddenException;
 
+    DynamicRegistrationRepresentation getOne(String resourceId) throws ForbiddenException;
+
     DynamicRegistrationRepresentation update(DynamicRegistrationRepresentation dynRegRepresentation) throws PersistentEntityNotFound, ForbiddenException;
 
     DynamicRegistrationRepresentation updateGroupForDynamicRegistration(String resourceId, String groupId) throws ForbiddenException, PersistentEntityNotFound;
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java
index 6e7c94e7c..9c804d42c 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPADynamicRegistrationServiceImpl.java
@@ -159,6 +159,15 @@ public List<DynamicRegistrationRepresentation> getDisabledDynamicRegistrations()
         return convertToRepresentations(temp);
     }
 
+    @Override
+    public DynamicRegistrationRepresentation getOne(String resourceId) throws ForbiddenException {
+        DynamicRegistrationInfo existingDri = repository.findByResourceId(resourceId);
+        if (!shibUiAuthorizationDelegate.hasPermission(userService.getCurrentUserAuthentication(), existingDri, PermissionType.viewOrEdit)) {
+            throw new ForbiddenException();
+        }
+        return new DynamicRegistrationRepresentation(existingDri);
+    }
+
     @Override
     public DynamicRegistrationRepresentation update(DynamicRegistrationRepresentation dynRegRepresentation)
                     throws PersistentEntityNotFound, ForbiddenException, ConcurrentModificationException {
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationControllerTests.groovy
index 9cd248bec..d2a0d258d 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationControllerTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/DynamicRegistrationControllerTests.groovy
@@ -225,11 +225,11 @@ class DynamicRegistrationControllerTests extends AbstractBaseDataJpaTest {
         result1.andExpect(status().isOk()).andExpect(content().contentType(APPLICATION_JSON)).andExpect(jsonPath("\$").isEmpty())
 
         when:
-        def dynReg2 = new DynamicRegistrationInfo(resourceId: 'uuid-2', enabled: false, idOfOwner: "testingGroupBBB", applicationType: 'apptype',
+        def dynReg2 = new DynamicRegistrationInfo(resourceId: 'uuid-2', enabled: false, applicationType: 'apptype',
                 approved: true, contacts: 'contacts', jwks: 'jwks', logoUri: 'logouri', policyUri: 'policyuri',
                 redirectUris: 'redirecturis', responseTypes: 'responsetypes', scope: 'scope', subjectType: 'subjecttype',
                 tokenEndpointAuthMethod: 'token', tosUri: 'tosuri', grantType: GrantType.implicit)
-        repo.saveAndFlush(dynReg2)
+        dynamicRegistrationService.createNew(new DynamicRegistrationRepresentation(dynReg2))
         def result = mockMvc.perform(get('/api/DynamicRegistrations'))
 
         then:
@@ -251,6 +251,31 @@ class DynamicRegistrationControllerTests extends AbstractBaseDataJpaTest {
               .andExpect(jsonPath("\$.[0].tokenEndpointAuthMethod").value("token"))
               .andExpect(jsonPath("\$.[0].tosUri").value("tosuri"))
               .andExpect(jsonPath("\$.[0].grantType").value("implicit"))
+
+        try {
+            mockMvc.perform(get('/api/DynamicRegistration/uuid-1'))
+        } catch (Exception e) {
+            e instanceof ForbiddenException
+        }
+
+        def result2 = mockMvc.perform(get('/api/DynamicRegistration/uuid-2'))
+        result2.andDo(MockMvcResultHandlers.print())
+               .andExpect(status().isOk()).andExpect(content().contentType(APPLICATION_JSON))
+               .andExpect(jsonPath("\$.resourceId").value("uuid-2"))
+               .andExpect(jsonPath("\$.enabled").value(false))
+               .andExpect(jsonPath("\$.idOfOwner").value("testingGroupBBB"))
+               .andExpect(jsonPath("\$.applicationType").value("apptype"))
+               .andExpect(jsonPath("\$.contacts").value("contacts"))
+               .andExpect(jsonPath("\$.jwks").value("jwks"))
+               .andExpect(jsonPath("\$.logoUri").value("logouri"))
+               .andExpect(jsonPath("\$.policyUri").value("policyuri"))
+               .andExpect(jsonPath("\$.redirectUris").value("redirecturis"))
+               .andExpect(jsonPath("\$.responseTypes").value("responsetypes"))
+               .andExpect(jsonPath("\$.scope").value("scope"))
+               .andExpect(jsonPath("\$.subjectType").value("subjecttype"))
+               .andExpect(jsonPath("\$.tokenEndpointAuthMethod").value("token"))
+               .andExpect(jsonPath("\$.tosUri").value("tosuri"))
+               .andExpect(jsonPath("\$.grantType").value("implicit"))
     }
 
     @WithMockUser(value = "someUser", roles = ["USER"])