diff --git a/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java b/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
index 94fcfdd478bd5380489a11fb2a03eef512a02ede..c6093ce092d0f2ceca20e843cc469820991db715 100644
--- a/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
+++ b/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
@@ -122,4 +122,43 @@ public class MailPassResourceIntegrationTest {
 
     assertEquals("password object not detected in provided JSON body", error);
   }
+
+  @Test
+  public void testInvalidLengthPasswordRaisesBadRequestException400() {
+    Response response =
+        given()
+            .header("Authorization", "Bearer " + adminToken)
+            .contentType(ContentType.JSON)
+            .body("{ \"password\": \"123456\" }")
+            .when()
+            .post(MessageFormat.format(ROOT_URI, port) + "/compute-password-hash");
+    assertEquals(400, response.getStatusCode());
+  }
+
+  @Test
+  public void testUserNameAsPasswordRaisesBadRequestException400() {
+    Response response =
+        given()
+            .header("Authorization", "Bearer " + adminToken)
+            .contentType(ContentType.JSON)
+            .body("{ \"password\": \"admin\" }")
+            .when()
+            .post(MessageFormat.format(ROOT_URI, port) + "/compute-password-hash");
+    assertEquals(400, response.getStatusCode());
+  }
+
+  @Test
+  public void testInvalidPasswordExceptionMessage() {
+    Response response =
+        given()
+            .header("Authorization", "Bearer " + adminToken)
+            .contentType(ContentType.JSON)
+            .body("{ \"password\": \"admin\" }")
+            .when()
+            .post(MessageFormat.format(ROOT_URI, port) + "/compute-password-hash");
+
+    String error = response.jsonPath().getString("error");
+
+    assertEquals("password policy error(length(8) and notUsername)", error);
+  }
 }