diff --git a/backend/src/routes/consent.js b/backend/src/routes/consent.js
index 8483ea6..c7c95f6 100644
--- a/backend/src/routes/consent.js
+++ b/backend/src/routes/consent.js
@@ -18,7 +18,7 @@ const dbManager = require('../database/DatabaseManager');
  * GET /api/social-media/platforms
  * Liste aller aktiven Social Media Plattformen
  */
-router.get('/social-media/platforms', async (req, res) => {
+router.get('/api/social-media/platforms', async (req, res) => {
     try {
         const socialMediaRepo = new SocialMediaRepository(dbManager);
         const platforms = await socialMediaRepo.getActivePlatforms();
@@ -46,7 +46,7 @@ router.get('/social-media/platforms', async (req, res) => {
  *   socialMediaConsents: [{ platformId: number, consented: boolean }]
  * }
  */
-router.post('/groups/:groupId/consents', async (req, res) => {
+router.post('/api/groups/:groupId/consents', async (req, res) => {
     try {
         const { groupId } = req.params;
         const { workshopConsent, socialMediaConsents } = req.body;
@@ -101,7 +101,7 @@ router.post('/groups/:groupId/consents', async (req, res) => {
  * GET /api/groups/:groupId/consents
  * Lade alle Consents für eine Gruppe
  */
-router.get('/groups/:groupId/consents', async (req, res) => {
+router.get('/api/groups/:groupId/consents', async (req, res) => {
     try {
         const { groupId } = req.params;
 
diff --git a/docker/dev/frontend/nginx.conf b/docker/dev/frontend/nginx.conf
index 4a52652..a9ad180 100644
--- a/docker/dev/frontend/nginx.conf
+++ b/docker/dev/frontend/nginx.conf
@@ -54,6 +54,15 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
+
+    # API - Social Media Consent Management (NO PASSWORD PROTECTION)
+    location /api/social-media {
+        proxy_pass http://backend-dev:5000/api/social-media;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
     
     # Admin API routes (NO password protection - protected by /moderation page access)
     location /api/admin {
diff --git a/docker/prod/frontend/nginx.conf b/docker/prod/frontend/nginx.conf
index 523a6fa..c7c57e5 100644
--- a/docker/prod/frontend/nginx.conf
+++ b/docker/prod/frontend/nginx.conf
@@ -88,6 +88,15 @@ http {
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
         }
+
+        # API - Social Media Consent Management (NO PASSWORD PROTECTION)
+        location /api/social-media {
+            proxy_pass http://image-uploader-backend:5000/api/social-media;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
         
         # Admin API routes (NO password protection - protected by /moderation page access)
         location /api/admin {