diff --git a/src/api/endpoint/index.js b/src/api/endpoint/index.js
index e503bb143..044e113cd 100644
--- a/src/api/endpoint/index.js
+++ b/src/api/endpoint/index.js
@@ -2,8 +2,8 @@ const express = require('express');
 const bodyParser = require('body-parser');
 const Middleware = require('../web/middleware');
 const match = Middleware.match;
-const validate_name = Middleware.validate_name;
-const validate_pkg = Middleware.validate_package;
+const validateName = Middleware.validate_name;
+const validatePkg = Middleware.validate_package;
 const encodeScopePackage = Middleware.encodeScopePackage;
 
 const whoami = require('./api/whoami');
@@ -21,12 +21,12 @@ module.exports = function(config, auth, storage) {
 
   // validate all of these params as a package name
   // this might be too harsh, so ask if it causes trouble
-  app.param('package', validate_pkg);
-  app.param('filename', validate_name);
-  app.param('tag', validate_name);
-  app.param('version', validate_name);
-  app.param('revision', validate_name);
-  app.param('token', validate_name);
+  app.param('package', validatePkg);
+  app.param('filename', validateName);
+  app.param('tag', validateName);
+  app.param('version', validateName);
+  app.param('revision', validateName);
+  app.param('token', validateName);
 
   // these can't be safely put into express url for some reason
   // TODO: For some reason? what reason?
diff --git a/test/unit/api/api.spec.js b/test/unit/api/api.spec.js
index 837903115..db741af46 100644
--- a/test/unit/api/api.spec.js
+++ b/test/unit/api/api.spec.js
@@ -1,4 +1,8 @@
 import request from 'supertest';
+import _ from 'lodash';
+import path from 'path';
+import rimraf from 'rimraf';
+
 import configDefault from '../partials/config';
 import Config from '../../../src/lib/config';
 import Storage from '../../../src/lib/storage';
@@ -12,37 +16,109 @@ describe('endpoint unit test', () => {
   let storage;
   let auth;
   let app;
+  jest.setTimeout(500000);
 
-  beforeAll(function() {
-    config = new Config(configDefault);
-    storage = new Storage(config);
-    auth = new Auth(config);
-    app = indexAPI(config, auth, storage);
+  beforeAll(function(done) {
+    const store = path.join(__dirname, '../partials/store/test-storage');
+    rimraf(store, () => {
+      const configForTest = _.clone(configDefault);
+      configForTest.auth = {
+        htpasswd: {
+          file: './test-storage/htpasswd-test'
+        }
+      };
+      configForTest.self_path = store;
+      config = new Config(configForTest);
+      storage = new Storage(config);
+      auth = new Auth(config);
+      app = indexAPI(config, auth, storage);
+      done();
+    });
   });
 
-  describe('ping unit test', () => {
-    test('test /-/ping', (done) => {
+  describe('should test ping api', () => {
+    test('should test endpoint /-/ping', (done) => {
       request(app)
         .get('/-/ping')
         .expect('Content-Type', /json/)
-        .expect(200, done)
+        .expect(200)
+        .end(function(err, res) {
+          if (err) {
+            return done(err);
+          }
+          done();
+        });
     });
   });
 
-  describe('whoami unit test', () => {
-    test('test /-/whoami', (done) => {
+  describe('should test whoami api', () => {
+    test('should test /-/whoami endpoint', (done) => {
       request(app)
         .get('/-/whoami')
         .expect('Content-Type', /json/)
-        .expect(200, done)
+        .expect(200)
+        .end(function(err, res) {
+          if (err) {
+            return done(err);
+          }
+          done();
+        });
     });
 
-    test('test /whoami', (done) => {
+    test('should test /whoami endpoint', (done) => {
       request(app)
         .get('/-/whoami')
         .expect('Content-Type', /json/)
-        .expect(200, done)
+        .expect(200)
+        .end(function(err, res) {
+          if (err) {
+            return done(err);
+          }
+          done();
+        });
     });
   });
 
+  describe('should test user api', () => {
+    const credentials = { name: 'Jota', password: 'secretPass' };
+
+    test('test add a new user', (done) => {
+
+
+      request(app)
+        .put('/-/user/org.couchdb.user:jota')
+        .send(credentials)
+        .expect('Content-Type', /json/)
+        .expect(201)
+        .end(function(err, res) {
+          if (err) {
+            return done(err);
+          }
+
+          expect(res.body.ok).toBeDefined();
+          expect(res.body.ok).toMatch(`user '${credentials.name}' created`);
+          done();
+        });
+    });
+
+    test('test fails add a new user', (done) => {
+
+      request(app)
+        .put('/-/user/org.couchdb.user:jota')
+        .send(credentials)
+        .expect('Content-Type', /json/)
+        .expect(409)
+        .end(function(err, res) {
+          if (err) {
+            return done(err);
+          }
+
+          expect(res.body.error).toBeDefined();
+          expect(res.body.error).toMatch(/this user already exists/);
+          done();
+        });
+    });
+
+  });
+
 });