diff --git a/ayanova/devdocs/todo.txt b/ayanova/devdocs/todo.txt
index 36bb1acd..2cfcbb78 100644
--- a/ayanova/devdocs/todo.txt
+++ b/ayanova/devdocs/todo.txt
@@ -52,23 +52,37 @@ http://localhost:7575/profiler/results-list
 http://localhost:7575/profiler/results
 
 {http://localhost:7575/profiler/results-index?t=OquBJHsnjgWTyD5NQvAhTYcMWMeMVFaVjiQ7CBFwI}
+
+
 todo: Profiling
 	Go over profiling and unit tests, see where there are obvious issues and bottlenecks now that I have the data
-	Block licensing related queries and view from profile
+	Block licensing related queries and view and auth from profile
 	Metrics view: 
-		find a way to get the raw data so it can be fed back to the metrics route and limited to what I want to allow to show
-		maybe store just the critical or slowest routes with some db info into the database on schedule from the in memory cache?	
-		https://github.com/MiniProfiler/dotnet/tree/master/src/MiniProfiler.Shared/ui
+		Update: not sure I need this now, but maybe down the road might want to profile some particular thing outside of api routes?
+			find a way to get the raw data so it can be fed back to the metrics route and limited to what I want to allow to show
+			maybe store just the critical or slowest routes with some db info into the database on schedule from the in memory cache?	
+			https://github.com/MiniProfiler/dotnet/tree/master/src/MiniProfiler.Shared/ui
 
 	Full profiling view:
-		but find a way to allow / enable the full suite of profile as it is for just technical support purposes, i.e. a hidden switch or something?
-		some kind of limitation to the route so not anyone can just open it (source IP or domain?, i.e. tech support)
+			Add a role check in startup on auth for full view
+			Add a switch to turn off profiling or turn it on
+				ideally somehow do it from within a route so can turn it on and off dynamically
+			Add a filter to filter out anything auth related so no one can see that, i.e. filter out Authenticate routes where JWT is visible in query
+			Add a link in UI for profiler, maybe host inside a frame or something
+				(actually this might help with the auth dl token as well)
+			Try out the hella big debug option, if it looks useful then
+				Add a boot switch to turn on the hella big debug option or do it from the turn on and off route as well?
+
 	Our metrics not route related
 		Can add our own metrics back into the profiling now that it's there with miniprofiler so if anything I want to track then can do that
 			rockfish license fetching timer?
+		maybe keep this in back pocket for now, not sure there is anything I would want to use it for
 
 	
-
+todo: Metrics, determine what else is needed for the basic graphing metrics, don't push it but whatever would be useful
+	size of database as seen by postgres would be useful 
+		Look at pgadmin stats and see what is useful there
+	Other...bottlenecks potential..Bueller...
 
 todo: remove search option from metrics / logs etc as it implies you can search those things and you can't