From 7f1cdf8ef51ceffd1ce692dbb3826616de233cba Mon Sep 17 00:00:00 2001
From: Andreas Zerbst <73799582+andr317c@users.noreply.github.com>
Date: Tue, 14 Oct 2025 12:04:10 +0200
Subject: [PATCH] Auhorization: Cherrypicked integration tests from V15
 (#20492)

* V15 QA Added the authorization integration tests (#18419)

* Added authorization integration tests

* Removed unnecessary tests and update tests for preview controller

* Updated to use the newest changes from v15/dev and added an override for the AuthenticateClientAsync to use the userGroupKey

* Updated CompatibilitySuppressions to include changes from integration tests

* Updated pipelines

* Skips managementApi tests

* Only run necessary tests

* Added new schema per fixture to reduce test setup time

* Fixed failing tests

* Updated test setup

* Updated test

* Added suppression

* Fixed failing tests

* Updated addOnTeardown methods to protected

* Added method for clearing the host

* Added teardown

* Updated model usage

* Added a lot of cleanup for memory leak issues when running tests

* Added CompatibilitySuppressions.xml

* Updated tests

* Cleaned up

* Adjusted base classes

* Updated pipeline

* Updated CompatibilitySuppressions.xml

* Updated test logging

* Fixed reponse

* Updated condition to skip tests

* Updated tests, not done

* Reworked test to expect correct responses with correct setup

* Updated tests

* More updates to tests

* Updated tests

* Cleaned up tests

* Updated setup

* Cleaned up tests to match setup

* Cleaned up setup

* Removed suppression

* Fixed tests

* Move order of checks

* Fix naming

* Formatting

* Dispose of host

* Keep track of if we're disposed

* Compat suppression

* Dont dispose

* Fix failing tests

* removed unused virtual

* Updated CompatibilitySuppressions.xml

---------

Co-authored-by: Andreas Zerbst <andr317c@live.dk>
Co-authored-by: Zeegaan <skrivdetud@gmail.com>
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
# Conflicts:
#	tests/Umbraco.Tests.Integration/CompatibilitySuppressions.xml
#	tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs
#	tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs
#	tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs
#	tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs
#	tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs
#	tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs
#	tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs

* Updated test

* Updates

* Removed unnessecary test

---------

Co-authored-by: Nhu Dinh <150406148+nhudinh0309@users.noreply.github.com>
Co-authored-by: Zeegaan <skrivdetud@gmail.com>
Co-authored-by: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
---
 build/azure-pipelines.yml                     |  16 +-
 build/nightly-E2E-test-pipelines.yml          |  66 ++++---
 .../Culture/AllCultureControllerTests.cs      |  57 ++++++
 .../DataType/ByKeyDataTypeControllerTests.cs  |  67 +++++++
 .../DataType/CopyDataTypeControllerTests.cs   |  85 +++++++++
 .../DataType/CreateDataTypeControllerTests.cs |  57 ++++++
 .../DataType/DeleteDataTypeControllerTests.cs |  69 +++++++
 .../ByKeyDataTypeFolderControllerTests.cs     |  55 ++++++
 .../CreateDataTypeFolderControllerTests.cs    |  51 +++++
 .../DeleteDataTypeFolderControllerTests.cs    |  57 ++++++
 .../UpdateDataTypeFolderControllerTests.cs    |  64 +++++++
 .../DataType/IsUsedDataTypeControllerTests.cs |  67 +++++++
 .../Item/ItemDatatypeItemControllerTests.cs   |  66 +++++++
 .../DataType/MoveDataTypeControllerTests.cs   |  83 ++++++++
 .../ChildrenDataTypeTreeControllerTests.cs    |  75 ++++++++
 .../Tree/RootDataTypeTreeControllerTests.cs   |  41 ++++
 .../DataType/UpdateDataTypeControllerTests.cs |  86 +++++++++
 .../AllDictionaryControllerTests.cs           |  54 ++++++
 .../ByKeyDictionaryControllerTests.cs         |  57 ++++++
 .../CreateDictionaryControllerTests.cs        |  51 +++++
 .../DeleteDictionaryControllerTests.cs        |  59 ++++++
 .../ExportDictionaryControllerTests.cs        |  57 ++++++
 .../ImportDictionaryControllerTests.cs        |  93 +++++++++
 .../Item/ItemDictionaryItemControllerTests.cs |  57 ++++++
 .../MoveDictionaryControllerTests.cs          |  73 +++++++
 .../ChildrenDictionaryTreeControllerTests.cs  |  62 ++++++
 .../Tree/RootDictionaryTreeControllerTests.cs |  41 ++++
 .../UpdateDictionaryControllerTests.cs        |  67 +++++++
 .../Document/ByKeyDocumentControllerTests.cs  |  79 ++++++++
 .../Document/CopyDocumentControllerTests.cs   | 105 +++++++++++
 .../Document/CreateDocumentControllerTests.cs |  88 +++++++++
 ...eatePublicAccessDocumentControllerTests.cs | 129 +++++++++++++
 ...letePublicAccessDocumentControllerTests.cs | 129 +++++++++++++
 .../Document/DomainsControllerTests.cs        | 102 ++++++++++
 .../GetPublicAccessDocumentControllerTests.cs | 126 +++++++++++++
 .../Item/ItemDocumentItemControllerTests.cs   |  78 ++++++++
 .../Document/MoveDocumentControllerTests.cs   | 102 ++++++++++
 ...MoveToRecycleBinDocumentControllerTests.cs |  80 ++++++++
 .../Document/NotificationsControllerTests.cs  |  88 +++++++++
 ...ildrenDocumentRecycleBinControllerTests.cs |  92 +++++++++
 .../RootDocumentRecycleBinControllerTests.cs  |  80 ++++++++
 .../Document/SortDocumentControllerTests.cs   |  93 +++++++++
 .../ChildrenDocumentTreeControllerTests.cs    |  90 +++++++++
 .../Tree/RootDocumentTreeControllerTests.cs   |  42 +++++
 .../Document/UpdateDocumentControllerTests.cs |  95 ++++++++++
 .../Document/UpdateDomainsControllerTests.cs  | 119 ++++++++++++
 .../UpdateNotificationsControllerTests.cs     | 100 ++++++++++
 ...datePublicAccessDocumentControllerTests.cs | 154 +++++++++++++++
 .../ItemDocumentBlueprintControllerTests.cs   |  85 +++++++++
 ...ootDocumentBlueprintTreeControllerTests.cs |  42 +++++
 .../ByKeyDocumentTypeControllerTests.cs       |  56 ++++++
 .../CreateDocumentTypeControllerTests.cs      |  54 ++++++
 .../DeleteDocumentTypeControllerTests.cs      |  58 ++++++
 .../ByKeyDocumentTypeFolderControllerTests.cs |  55 ++++++
 ...CreateDocumentTypeFolderControllerTests.cs |  49 +++++
 ...DeleteDocumentTypeFolderControllerTests.cs |  57 ++++++
 ...UpdateDocumentTypeFolderControllerTests.cs |  63 +++++++
 .../ItemDocumentTypeItemControllerTests.cs    |  56 ++++++
 ...ChildrenDocumentTypeTreeControllerTests.cs |  62 ++++++
 .../RootDocumentTypeTreeControllerTests.cs    |  42 +++++
 .../UpdateDocumentTypeControllerTests.cs      |  65 +++++++
 ...ExecuteActionHealthCheckControllerTests.cs |  64 +++++++
 .../AllHealthCheckGroupControllerTests.cs     |  41 ++++
 .../ByNameHealthCheckGroupControllerTests.cs  |  41 ++++
 .../CheckHealthCheckGroupControllerTests.cs   |  43 +++++
 .../Help/GetHelpControllerTests.cs            |  41 ++++
 .../Indexer/AllIndexerControllerTests.cs      |  41 ++++
 .../Indexer/DetailsIndexerControllerTests.cs  |  41 ++++
 .../Indexer/RebuildIndexerControllerTests.cs  |  43 +++++
 .../Install/SettingsInstallControllerTests.cs |  41 ++++
 .../Install/SetupInstallControllerTests.cs    |  58 ++++++
 .../ValidateDatabaseInstallControllerTests.cs |  52 +++++
 .../Language/AllLanguageControllerTests.cs    |  40 ++++
 .../ByIsoCodeLanguageControllerTests.cs       |  40 ++++
 .../Language/CreateLanguageControllerTests.cs |  49 +++++
 .../Language/DeleteLanguageControllerTests.cs |  58 ++++++
 .../Language/UpdateLanguageControllerTests.cs |  65 +++++++
 .../LogViewer/AllLogViewerControllerTests.cs  |  42 +++++
 ...MessageTemplateLogViewerControllerTests.cs |  41 ++++
 .../AllSinkLevelLogViewerControllerTests.cs   |  40 ++++
 .../LogLevelCountLogViewerControllerTests.cs  |  41 ++++
 .../AllSavedSearchLogViewerControllerTests.cs |  40 ++++
 ...NameSavedSearchLogViewerControllerTests.cs |  50 +++++
 ...eateSavedSearchLogViewerControllerTests.cs |  49 +++++
 ...leteSavedSearchLogViewerControllerTests.cs |  52 +++++
 ...dateLogFileSizeLogViewerControllerTests.cs |  41 ++++
 .../ManagementApi/ManagementApiTest.cs        | 104 +++++++---
 .../ManagementApiUserGroupTestBase.cs         | 120 ++++++++++++
 .../Media/ByKeyMediaControllerTests.cs        |  67 +++++++
 .../Media/CreateMediaControllerTests.cs       |  73 +++++++
 .../Item/ItemMediaItemControllerTests.cs      |  65 +++++++
 .../Media/MoveMediaControllerTests.cs         |  90 +++++++++
 .../MoveToRecycleBinMediaControllerTests.cs   |  74 ++++++++
 .../ChildrenMediaRecycleBinControllerTests.cs |  71 +++++++
 .../RootMediaRecycleBinControllerTests.cs     |  66 +++++++
 .../Media/SortMediaControllerTests.cs         |  91 +++++++++
 .../Tree/ChildrenMediaTreeControllerTests.cs  |  69 +++++++
 .../Tree/RootMediaTreeControllerTests.cs      |  40 ++++
 .../Media/UpdateMediaControllerTests.cs       |  85 +++++++++
 .../ByKeyMediaTypeControllerTests.cs          |  56 ++++++
 .../CreateMediaTypeControllerTests.cs         |  49 +++++
 .../DeleteMediaTypeControllerTests.cs         |  59 ++++++
 .../ByKeyMediaTypeFolderControllerTests.cs    |  55 ++++++
 .../CreateMediaTypeFolderControllerTests.cs   |  49 +++++
 .../DeleteMediaTypeFolderControllerTests.cs   |  57 ++++++
 .../UpdateMediaTypeFolderControllerTests.cs   |  64 +++++++
 .../Item/ItemMediaTypeItemControllerTests.cs  |  55 ++++++
 .../ChildrenMediaTypeTreeControllerTests.cs   |  62 ++++++
 .../RootMediaTreeTypeTreeControllerTests.cs   |  41 ++++
 .../UpdateMediaTypeControllerTests.cs         |  66 +++++++
 .../Item/ItemMemberItemControllerTests.cs     |  65 +++++++
 .../ItemMemberGroupItemControllerTests.cs     |  55 ++++++
 .../RootMemberGroupTreeControllerTests.cs     |  42 +++++
 .../Item/ItemMemberTypeItemControllerTests.cs |  57 ++++++
 .../Tree/RootMemberTypeTreeControllerTree.cs  |  41 ++++
 .../BuildModelsBuilderControllerTests.cs      |  43 +++++
 .../GetModelsBuilderControllerTests.cs        |  41 ++++
 .../StatusModelsBuilderControllerTests.cs     |  41 ++++
 .../AllowedObjectTypesControllerTests.cs      |  41 ++++
 ...llMigrationStatusPackageControllerTests.cs |  41 ++++
 .../AllCreatedPackageControllerTests.cs       |  41 ++++
 .../ByKeyCreatedPackageControllerTests.cs     |  41 ++++
 .../CreateCreatedPackageControllerTests.cs    |  51 +++++
 .../DeleteCreatedPackageControllerTests.cs    |  43 +++++
 .../DownloadCreatedPackageControllerTests.cs  |  41 ++++
 .../UpdateCreatedPackageControllerTests.cs    |  51 +++++
 .../RunMigrationPackageControllerTests.cs     |  43 +++++
 .../ByPathPartialViewControllerTests.cs       |  57 ++++++
 .../CreatePartialViewControllerTests.cs       |  54 ++++++
 .../DeletePartialViewControllerTests.cs       |  59 ++++++
 .../ByPathPartialViewFolderControllerTests.cs |  56 ++++++
 .../CreatePartialViewFolderControllerTests.cs |  50 +++++
 .../DeletePartialViewFolderControllerTests.cs |  58 ++++++
 .../ItemPartialViewItemControllerTests.cs     |  57 ++++++
 .../Snippet/GetAllControllerTests.cs          |  41 ++++
 .../ChildrenPartialViewTreeControllerTests.cs |  57 ++++++
 .../RootPartialViewTreeControllerTests.cs     |  54 ++++++
 .../UpdatePartialViewControllerTests.cs       |  66 +++++++
 .../Policies/AllCultureControllerTests.cs     |  51 +++--
 .../Policies/CreateDocumentTests.cs           | 130 -------------
 .../Policies/UpdateDocumentTests.cs           | 152 ---------------
 .../Preview/EndPreviewControllerTests.cs      |  41 ++++
 .../ManagementApi/Preview/EndPreviewTests.cs  |  27 ---
 .../Preview/EnterPreviewControllerTests.cs    |  41 ++++
 .../Preview/EnterPreviewTests.cs              |  29 ---
 .../GetStatusProfilingControllerTests.cs      |  41 ++++
 .../UpdateStatusProfilingControllerTests.cs   |  50 +++++
 .../IsUsedPropertyTypeControllerTests.cs      |  66 +++++++
 .../RebuildPublishedCacheControllerTests.cs   |  43 +++++
 .../ReloadPublishedCacheControllerTests.cs    |  43 +++++
 ...KeyRedirectUrlManagementControllerTests.cs |  41 ++++
 ...KeyRedirectUrlManagementControllerTests.cs |  43 +++++
 ...AllRedirectUrlManagementControllerTests.cs |  41 ++++
 ...tusRedirectUrlManagementControllerTests.cs |  41 ++++
 ...tusRedirectUrlManagementControllerTests.cs |  44 +++++
 ...yRelationTypeKeyRelationControllerTests.cs |  41 ++++
 .../ByKeyRelationTypeControllerTests.cs       |  41 ++++
 .../ItemRelationTypeItemControllerTests.cs    |  41 ++++
 .../Script/ByPathScriptControllerTests.cs     |  57 ++++++
 .../Script/CreateScriptControllerTests.cs     |  54 ++++++
 .../Script/DeleteScriptControllerTests.cs     |  59 ++++++
 .../ByPathScriptFolderControllerTests.cs      |  56 ++++++
 .../CreateScriptFolderControllerTests.cs      |  50 +++++
 .../DeleteScriptFolderControllerTests.cs      |  58 ++++++
 .../Item/ItemScriptItemControllerTests.cs     |  56 ++++++
 .../Tree/ChildrenScriptTreeControllerTests.cs |  66 +++++++
 .../Tree/RootScriptTreeControllerTests.cs     |  53 ++++++
 .../Script/UpdateScriptControllerTests.cs     |  66 +++++++
 .../Searcher/AllSearcherControllerTests.cs    |  41 ++++
 .../Searcher/QuerySearcherControllerTests.cs  |  41 ++++
 .../Security/BackOfficeControllerTests.cs     |  84 +++++++++
 .../Security/ResetPasswordControllerTests.cs  |  49 +++++
 .../ResetPasswordTokenControllerTests.cs      |  51 +++++
 ...VerifyResetPasswordTokenControllerTests.cs |  51 +++++
 .../Server/StatusServerControllerTests.cs     |  41 ++++
 .../UserStartNodeEntitiesServiceMediaTests.cs |   2 +-
 .../UserStartNodeEntitiesServiceTests.cs      |   2 +-
 .../Item/ItemStaticFileItemControllerTests.cs |  41 ++++
 .../ChildrenStaticFileTreeControllerTests.cs  |  41 ++++
 .../Tree/RootStaticFileTreeControllerTests.cs |  41 ++++
 .../ByPathStylesheetControllerTests.cs        |  57 ++++++
 .../CreateStylesheetControllerTests.cs        |  50 +++++
 .../DeleteStylesheetControllerTests.cs        |  59 ++++++
 .../ByPathStylesheetFolderControllerTests.cs  |  56 ++++++
 .../CreateStylesheetFolderControllerTests.cs  |  50 +++++
 .../DeleteStylesheetFolderControllerTests.cs  |  58 ++++++
 .../Item/ItemStylesheetItemControllerTests.cs |  56 ++++++
 .../ChildrenStylesheetTreeControllerTests.cs  |  66 +++++++
 .../Tree/RootStylesheetTreeControllerTests.cs |  54 ++++++
 .../UpdateStylesheetControllerTests.cs        |  69 +++++++
 .../Tag/ByQueryTagControllerTests.cs          |  41 ++++
 .../Telemetry/AllTelemetryControllerTests.cs  |  41 ++++
 .../Telemetry/GetTelemetryControllerTests.cs  |  41 ++++
 .../Telemetry/SetTelemetryControllerTests.cs  |  51 +++++
 .../Template/ByKeyTemplateControllerTests.cs  |  56 ++++++
 .../Template/CreateTemplateControllerTests.cs |  52 +++++
 .../Template/DeleteTemplateControllerTests.cs |  42 +++++
 .../Item/ItemTemplateItemControllerTests.cs   |  56 ++++++
 .../ExecuteTemplateQueryControllerTests.cs    |  49 +++++
 .../SettingsTemplateQueryControllerTests.cs   |  40 ++++
 .../ChildrenTemplateTreeControllerTests.cs    |  63 +++++++
 .../Tree/RootTemplateTreeControllerTests.cs   |  53 ++++++
 .../Template/UpdateTemplateControllerTests.cs |  53 ++++++
 .../ByKeyTemporaryFileControllerTests.cs      |  55 ++++++
 .../CreateTemporaryFileControllerTests.cs     |  49 +++++
 .../DeleteTemporaryFileControllerTests.cs     |  57 ++++++
 .../DocumentTypeSiblingControllerTests.cs     |  60 ------
 .../AuthorizeUpgradeControllerTests.cs        |  43 +++++
 .../Upgrade/SettingsUpgradeControllerTests.cs |  41 ++++
 .../User/BulkDeleteUserControllerTests.cs     |  85 +++++++++
 .../User/ByKeyUserControllerTests.cs          |  68 +++++++
 .../User/ChangePasswordUserControllerTests.cs |  79 ++++++++
 .../User/ClearAvatarUserControllerTests.cs    |  69 +++++++
 ...reateInitialPasswordUserControllerTests.cs |  77 ++++++++
 .../User/CreateUserControllerTests.cs         |  52 +++++
 ...hangePasswordCurrentUserControllerTests.cs |  53 ++++++
 .../Current/GetCurrentUserControllerTests.cs  |  40 ++++
 ...ntPermissionsCurrentUserControllerTests.cs |  67 +++++++
 ...iaPermissionsCurrentUserControllerTests.cs |  67 +++++++
 ...etPermissionsCurrentUserControllerTests.cs |  67 +++++++
 .../SetAvatarCurrentUserControllerTests.cs    |  80 ++++++++
 .../User/DeleteUserControllerTests.cs         |  71 +++++++
 .../User/DisableUsersControllerTests.cs       |  77 ++++++++
 .../User/EnableUserControllerTests.cs         |  77 ++++++++
 .../User/GetAllUsersControllerTests.cs        |  40 ++++
 .../User/InviteUserControllerTests.cs         |  73 +++++++
 .../User/Item/ItemUserItemControllerTests.cs  |  67 +++++++
 .../User/ResendInviteUserControllerTests.cs   |  52 +++++
 .../User/SetAvatarUsersControllerTests.cs     |  83 ++++++++
 .../User/UnlockUserControllerTests.cs         |  76 ++++++++
 .../User/UpdateUserControllerTests.cs         |  78 ++++++++
 .../UpdateUserGroupsUserControllerTests.cs    |  84 +++++++++
 .../User/VerifyInviteUserControllerTests.cs   |  76 ++++++++
 .../BulkDeleteUserGroupControllerTests.cs     |  74 ++++++++
 .../ByKeyUserGroupControllerTests.cs          |  56 ++++++
 .../CreateUserGroupControllerTests.cs         |  59 ++++++
 .../DeleteUserGroupControllerTests.cs         |  59 ++++++
 .../GetAllUserGroupControllerTests.cs         |  40 ++++
 .../Item/ItemUserGroupItemControllerTests.cs  |  55 ++++++
 .../UpdateUserGroupControllerTests.cs         |  75 ++++++++
 .../ManagementApi/UserGroupAssertionModel.cs  |   8 +
 .../UmbracoTestServerTestBase.cs              | 155 ++++++++-------
 .../UmbracoWebApplicationFactory.cs           |  16 +-
 .../Testing/UmbracoIntegrationTestBase.cs     | 178 +++++-------------
 244 files changed, 13986 insertions(+), 689 deletions(-)
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Culture/AllCultureControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/ByKeyDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/CopyDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/CreateDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/DeleteDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/ByKeyDataTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/CreateDataTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/DeleteDataTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/UpdateDataTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/IsUsedDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Item/ItemDatatypeItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/MoveDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/ChildrenDataTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/RootDataTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DataType/UpdateDataTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/AllDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ByKeyDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/CreateDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/DeleteDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ExportDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ImportDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Item/ItemDictionaryItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/MoveDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/ChildrenDictionaryTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/RootDictionaryTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/UpdateDictionaryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/ByKeyDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/CopyDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/CreateDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/CreatePublicAccessDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/DeletePublicAccessDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/DomainsControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/GetPublicAccessDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/Item/ItemDocumentItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveToRecycleBinDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/NotificationsControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/ChildrenDocumentRecycleBinControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/RootDocumentRecycleBinControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/SortDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/ChildrenDocumentTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/RootDocumentTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDomainsControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateNotificationsControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdatePublicAccessDocumentControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Item/ItemDocumentBlueprintControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Tree/RootDocumentBlueprintTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/ByKeyDocumentTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/CreateDocumentTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/DeleteDocumentTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/ByKeyDocumentTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/CreateDocumentTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/DeleteDocumentTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/UpdateDocumentTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Item/ItemDocumentTypeItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/ChildrenDocumentTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/RootDocumentTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/UpdateDocumentTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/ExecuteActionHealthCheckControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/AllHealthCheckGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/ByNameHealthCheckGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/CheckHealthCheckGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Help/GetHelpControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Indexer/AllIndexerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Indexer/DetailsIndexerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Indexer/RebuildIndexerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Install/SettingsInstallControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Install/SetupInstallControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Install/ValidateDatabaseInstallControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Language/AllLanguageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Language/ByIsoCodeLanguageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Language/CreateLanguageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Language/DeleteLanguageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Language/UpdateLanguageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllMessageTemplateLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllSinkLevelLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/LogLevelCountLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/AllSavedSearchLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/ByNameSavedSearchLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/CreateSavedSearchLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/DeleteSavedSearchLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/ValidateLogFileSizeLogViewerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiUserGroupTestBase.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/ByKeyMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/CreateMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/Item/ItemMediaItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveToRecycleBinMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/ChildrenMediaRecycleBinControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/RootMediaRecycleBinControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/SortMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/ChildrenMediaTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/RootMediaTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Media/UpdateMediaControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/ByKeyMediaTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/CreateMediaTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/DeleteMediaTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/ByKeyMediaTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/CreateMediaTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/DeleteMediaTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/UpdateMediaTypeFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Item/ItemMediaTypeItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/ChildrenMediaTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/RootMediaTreeTypeTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MediaType/UpdateMediaTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Member/Item/ItemMemberItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Item/ItemMemberGroupItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Tree/RootMemberGroupTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Item/ItemMemberTypeItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Tree/RootMemberTypeTreeControllerTree.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/BuildModelsBuilderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/GetModelsBuilderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/StatusModelsBuilderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/ObjectTypes/AllowedObjectTypesControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/AllMigrationStatusPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/AllCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/ByKeyCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/CreateCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DeleteCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DownloadCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/UpdateCreatedPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Package/RunMigrationPackageControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/ByPathPartialViewControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/CreatePartialViewControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/DeletePartialViewControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/ByPathPartialViewFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/CreatePartialViewFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/DeletePartialViewFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Item/ItemPartialViewItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Snippet/GetAllControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/ChildrenPartialViewTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/RootPartialViewTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PartialView/UpdatePartialViewControllerTests.cs
 delete mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs
 delete mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewControllerTests.cs
 delete mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewControllerTests.cs
 delete mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Profiling/GetStatusProfilingControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Profiling/UpdateStatusProfilingControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PropertyType/IsUsedPropertyTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/RebuildPublishedCacheControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/ReloadPublishedCacheControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/ByKeyRedirectUrlManagementControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/DeleteByKeyRedirectUrlManagementControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetAllRedirectUrlManagementControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetStatusRedirectUrlManagementControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/SetStatusRedirectUrlManagementControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Relation/ByRelationTypeKeyRelationControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RelationType/ByKeyRelationTypeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/RelationType/Item/ItemRelationTypeItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/ByPathScriptControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/CreateScriptControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/DeleteScriptControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/ByPathScriptFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/CreateScriptFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/DeleteScriptFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Item/ItemScriptItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/ChildrenScriptTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/RootScriptTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Script/UpdateScriptControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Searcher/AllSearcherControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Searcher/QuerySearcherControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Security/BackOfficeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordTokenControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Security/VerifyResetPasswordTokenControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Server/StatusServerControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Item/ItemStaticFileItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/ChildrenStaticFileTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/RootStaticFileTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/ByPathStylesheetControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/CreateStylesheetControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/DeleteStylesheetControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/ByPathStylesheetFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/CreateStylesheetFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/DeleteStylesheetFolderControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Item/ItemStylesheetItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/ChildrenStylesheetTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/RootStylesheetTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/UpdateStylesheetControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Tag/ByQueryTagControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/AllTelemetryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/GetTelemetryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/SetTelemetryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/ByKeyTemplateControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/CreateTemplateControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/DeleteTemplateControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/Item/ItemTemplateItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/ExecuteTemplateQueryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/SettingsTemplateQueryControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/ChildrenTemplateTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/RootTemplateTreeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Template/UpdateTemplateControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/ByKeyTemporaryFileControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/CreateTemporaryFileControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/DeleteTemporaryFileControllerTests.cs
 delete mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Trees/DocumentTypeSiblingControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/AuthorizeUpgradeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/SettingsUpgradeControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/BulkDeleteUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/ByKeyUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/ChangePasswordUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/ClearAvatarUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/CreateInitialPasswordUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/CreateUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/ChangePasswordCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetDocumentPermissionsCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetMediaPermissionsCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetPermissionsCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Current/SetAvatarCurrentUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/DeleteUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/DisableUsersControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/EnableUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/GetAllUsersControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/InviteUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/Item/ItemUserItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/ResendInviteUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/SetAvatarUsersControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/UnlockUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserGroupsUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/User/VerifyInviteUserControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/BulkDeleteUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/ByKeyUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/CreateUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/DeleteUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/GetAllUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/Item/ItemUserGroupItemControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/UpdateUserGroupControllerTests.cs
 create mode 100644 tests/Umbraco.Tests.Integration/ManagementApi/UserGroupAssertionModel.cs

diff --git a/build/azure-pipelines.yml b/build/azure-pipelines.yml
index b53a2d0ad2..2246e09e7b 100644
--- a/build/azure-pipelines.yml
+++ b/build/azure-pipelines.yml
@@ -313,8 +313,8 @@ stages:
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
             LinuxPart3Of3:
               vmImage: "ubuntu-latest"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace. So this will run all tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
             macOSPart1Of3:
               vmImage: "macOS-latest"
               # Filter tests that are part of the Umbraco.Infrastructure namespace but not part of the Umbraco.Infrastructure.Service namespace
@@ -325,8 +325,8 @@ stages:
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
             macOSPart3Of3:
               vmImage: "macOS-latest"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace.
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace. So this will run all tests that are not part of the Umbraco.Infrastructure and the ManagementApi namespace
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
         pool:
           vmImage: $(vmImage)
         variables:
@@ -389,8 +389,8 @@ stages:
               vmImage: "windows-latest"
               Tests__Database__DatabaseType: LocalDb
               Tests__Database__SQLServerMasterConnectionString: N/A
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace. So this will run all tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
             LinuxPart1Of3:
               vmImage: "ubuntu-latest"
               SA_PASSWORD: UmbracoIntegration123!
@@ -410,8 +410,8 @@ stages:
               SA_PASSWORD: UmbracoIntegration123!
               Tests__Database__DatabaseType: SqlServer
               Tests__Database__SQLServerMasterConnectionString: "Server=(local);User Id=sa;Password=$(SA_PASSWORD);TrustServerCertificate=True"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace. So this will run all tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
         pool:
           vmImage: $(vmImage)
         steps:
diff --git a/build/nightly-E2E-test-pipelines.yml b/build/nightly-E2E-test-pipelines.yml
index f49b0db803..1de1217a33 100644
--- a/build/nightly-E2E-test-pipelines.yml
+++ b/build/nightly-E2E-test-pipelines.yml
@@ -123,31 +123,39 @@ stages:
           matrix:
             #            Windows:
             #              vmImage: 'windows-latest'
-            # We split the tests into 3 parts for each OS to reduce the time it takes to run them on the pipeline
-            LinuxPart1Of3:
+            # We split the tests into 4 parts for each OS to reduce the time it takes to run them on the pipeline
+            LinuxPart1Of4:
               vmImage: "ubuntu-latest"
               # Filter tests that are part of the Umbraco.Infrastructure namespace but not part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure) & (FullyQualifiedName!~Umbraco.Infrastructure.Service)"
-            LinuxPart2Of3:
+            LinuxPart2Of4:
               vmImage: "ubuntu-latest"
               # Filter tests that are part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
-            LinuxPart3Of3:
+            LinuxPart3Of4:
               vmImage: "ubuntu-latest"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
-            macOSPart1Of3:
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
+            LinuxPart4Of4:
+              vmImage: "ubuntu-latest"
+              # Filter tests that are part of the ManagementApi namespace
+              testFilter: "(FullyQualifiedName~ManagementApi)"
+            macOSPart1Of4:
               vmImage: "macOS-latest"
               # Filter tests that are part of the Umbraco.Infrastructure namespace but not part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure) & (FullyQualifiedName!~Umbraco.Infrastructure.Service)"
-            macOSPart2Of3:
+            macOSPart2Of4:
               vmImage: "macOS-latest"
               # Filter tests that are part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
-            macOSPart3Of3:
+            macOSPart3Of4:
               vmImage: "macOS-latest"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace.
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace.
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
+            macOSPart4Of4:
+              vmImage: "macOS-latest"
+              # Filter tests that are part of the ManagementApi namespace.
+              testFilter: "(FullyQualifiedName~ManagementApi)"
         pool:
           vmImage: $(vmImage)
         variables:
@@ -187,43 +195,55 @@ stages:
           SA_PASSWORD: UmbracoAcceptance123!
         strategy:
           matrix:
-            # We split the tests into 3 parts for each OS to reduce the time it takes to run them on the pipeline
-            WindowsPart1Of3:
+            # We split the tests into 4 parts for each OS to reduce the time it takes to run them on the pipeline
+            WindowsPart1Of4:
               vmImage: "windows-latest"
               Tests__Database__DatabaseType: LocalDb
               Tests__Database__SQLServerMasterConnectionString: N/A
               # Filter tests that are part of the Umbraco.Infrastructure namespace but not part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure) & (FullyQualifiedName!~Umbraco.Infrastructure.Service)"
-            WindowsPart2Of3:
+            WindowsPart2Of4:
               vmImage: "windows-latest"
               Tests__Database__DatabaseType: LocalDb
               Tests__Database__SQLServerMasterConnectionString: N/A
               # Filter tests that are part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
-            WindowsPart3Of3:
+            WindowsPart3Of4:
               vmImage: "windows-latest"
               Tests__Database__DatabaseType: LocalDb
               Tests__Database__SQLServerMasterConnectionString: N/A
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
-            LinuxPart1Of3:
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace.
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
+            WindowsPart4Of4:
+              vmImage: "windows-latest"
+              Tests__Database__DatabaseType: LocalDb
+              Tests__Database__SQLServerMasterConnectionString: N/A
+              # Filter tests that are part of the ManagementApi namespace.
+              testFilter: "(FullyQualifiedName~ManagementApi)"
+            LinuxPart1Of4:
               vmImage: "ubuntu-latest"
               Tests__Database__DatabaseType: SqlServer
               Tests__Database__SQLServerMasterConnectionString: "Server=(local);User Id=sa;Password=$(SA_PASSWORD);Encrypt=True;TrustServerCertificate=True"
               # Filter tests that are part of the Umbraco.Infrastructure namespace but not part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure) & (FullyQualifiedName!~Umbraco.Infrastructure.Service)"
-            LinuxPart2Of3:
+            LinuxPart2Of4:
               vmImage: "ubuntu-latest"
               Tests__Database__DatabaseType: SqlServer
               Tests__Database__SQLServerMasterConnectionString: "Server=(local);User Id=sa;Password=$(SA_PASSWORD);Encrypt=True;TrustServerCertificate=True"
               # Filter tests that are part of the Umbraco.Infrastructure.Service namespace
               testFilter: "(FullyQualifiedName~Umbraco.Infrastructure.Service)"
-            LinuxPart3Of3:
+            LinuxPart3Of4:
               vmImage: "ubuntu-latest"
               Tests__Database__DatabaseType: SqlServer
               Tests__Database__SQLServerMasterConnectionString: "Server=(local);User Id=sa;Password=$(SA_PASSWORD);Encrypt=True;TrustServerCertificate=True"
-              # Filter tests that are not part of the Umbraco.Infrastructure namespace. So this will run all tests that are not part of the Umbraco.Infrastructure namespace
-              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure)"
+              # Filter tests that are not part of the Umbraco.Infrastructure and ManagementApi namespace.
+              testFilter: "(FullyQualifiedName!~Umbraco.Infrastructure) & (FullyQualifiedName!~ManagementApi)"
+            LinuxPart4Of4:
+              vmImage: "ubuntu-latest"
+              Tests__Database__DatabaseType: SqlServer
+              Tests__Database__SQLServerMasterConnectionString: "Server=(local);User Id=sa;Password=$(SA_PASSWORD);Encrypt=True;TrustServerCertificate=True"
+              # Filter tests that are part of the ManagementApi namespace.
+              testFilter: "(FullyQualifiedName~ManagementApi)"
         pool:
           vmImage: $(vmImage)
         steps:
@@ -485,7 +505,7 @@ stages:
     jobs:
       - job:
         displayName: E2E Tests with Different App settings (SQL Server)
-        condition: ${{ or(eq(parameters.differentAppSettingsAcceptanceTests, true), eq(parameters.skipDefaultConfigAcceptanceTests, true)) }}
+        condition: ${{ eq(parameters.differentAppSettingsAcceptanceTests, true) }}
         timeoutInMinutes: 180
         variables:
           SA_PASSWORD: UmbracoAcceptance123!
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Culture/AllCultureControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Culture/AllCultureControllerTests.cs
new file mode 100644
index 0000000000..a0a4f6215f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Culture/AllCultureControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Culture;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Culture;
+
+public class AllCultureControllerTests : ManagementApiUserGroupTestBase<AllCultureController>
+{
+    ILanguageService LanguageService => GetRequiredService<ILanguageService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var langDa = new LanguageBuilder()
+            .WithCultureInfo("da-DK")
+            .Build();
+        await LanguageService.CreateAsync(langDa, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<AllCultureController, object>> MethodSelector =>
+        x => x.GetAll(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/ByKeyDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/ByKeyDataTypeControllerTests.cs
new file mode 100644
index 0000000000..be532575a5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/ByKeyDataTypeControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class ByKeyDataTypeControllerTests : ManagementApiUserGroupTestBase<ByKeyDataTypeController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var response = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ByKeyDataTypeController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _dataTypeKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CopyDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CopyDataTypeControllerTests.cs
new file mode 100644
index 0000000000..e16a6a45ea
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CopyDataTypeControllerTests.cs
@@ -0,0 +1,85 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.DataType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class CopyDataTypeControllerTests : ManagementApiUserGroupTestBase<CopyDataTypeController>
+{
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+    private Guid _folderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Folder
+        var responseFolder = await DataTypeContainerService.CreateAsync(Guid.NewGuid(), "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+        _folderKey = responseFolder.Result.Key;
+
+        // Datatype
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var responseDataType = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeKey = responseDataType.Result.Key;
+    }
+
+    protected override Expression<Func<CopyDataTypeController, object>> MethodSelector =>
+        x => x.Copy(CancellationToken.None, _dataTypeKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CopyDataTypeRequestModel copyDataTypeRequestModel = new() { Target = new ReferenceByIdModel(_folderKey) };
+
+        return await Client.PostAsync(Url, JsonContent.Create(copyDataTypeRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CreateDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CreateDataTypeControllerTests.cs
new file mode 100644
index 0000000000..9020255024
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/CreateDataTypeControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Api.Management.ViewModels.DataType;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class CreateDataTypeControllerTests : ManagementApiUserGroupTestBase<CreateDataTypeController>
+{
+    protected override Expression<Func<CreateDataTypeController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateDataTypeRequestModel createDataTypeRequestModel = new()
+        {
+            Id = Guid.NewGuid(),
+            Parent = null,
+            Name = "TestDataType",
+            EditorAlias = "Umbraco.CheckBoxList",
+            EditorUiAlias = "Umb.PropertyEditorUi.CheckBoxList",
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createDataTypeRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/DeleteDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/DeleteDataTypeControllerTests.cs
new file mode 100644
index 0000000000..a400845d9e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/DeleteDataTypeControllerTests.cs
@@ -0,0 +1,69 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class DeleteDataTypeControllerTests : ManagementApiUserGroupTestBase<DeleteDataTypeController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var response = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<DeleteDataTypeController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _dataTypeKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/ByKeyDataTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/ByKeyDataTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..fe8e097439
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/ByKeyDataTypeFolderControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Folder;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Folder;
+
+public class ByKeyDataTypeFolderControllerTests : ManagementApiUserGroupTestBase<ByKeyDataTypeFolderController>
+{
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private Guid _folderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var response = await DataTypeContainerService.CreateAsync(Guid.NewGuid(), "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+        _folderKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ByKeyDataTypeFolderController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _folderKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/CreateDataTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/CreateDataTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..24618323a1
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/CreateDataTypeFolderControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Folder;
+
+public class CreateDataTypeFolderControllerTests : ManagementApiUserGroupTestBase<CreateDataTypeFolderController>
+{
+    protected override Expression<Func<CreateDataTypeFolderController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateFolderRequestModel createFolderModel =
+            new() { Id = Guid.NewGuid(), Parent = null, Name = "TestFolderName" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createFolderModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/DeleteDataTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/DeleteDataTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..43fa4f0e53
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/DeleteDataTypeFolderControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Folder;
+
+public class DeleteDataTypeFolderControllerTests : ManagementApiUserGroupTestBase<DeleteDataTypeFolderController>
+{
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private Guid _folderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var response = await DataTypeContainerService.CreateAsync(Guid.NewGuid(), "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+        _folderKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<DeleteDataTypeFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _folderKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/UpdateDataTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/UpdateDataTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..82537bd286
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Folder/UpdateDataTypeFolderControllerTests.cs
@@ -0,0 +1,64 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Folder;
+
+public class UpdateDataTypeFolderControllerTests : ManagementApiUserGroupTestBase<UpdateDataTypeFolderController>
+{
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private Guid _folderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var response = await DataTypeContainerService.CreateAsync(Guid.NewGuid(), "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+        _folderKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<UpdateDataTypeFolderController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _folderKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateFolderResponseModel updateFolderModel = new() { Name = "TestUpdatedName" };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateFolderModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/IsUsedDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/IsUsedDataTypeControllerTests.cs
new file mode 100644
index 0000000000..15b41a0958
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/IsUsedDataTypeControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class IsUsedDataTypeControllerTests : ManagementApiUserGroupTestBase<IsUsedDataTypeController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var response = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<IsUsedDataTypeController, object>> MethodSelector =>
+        x => x.IsUsed(CancellationToken.None, _dataTypeKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Item/ItemDatatypeItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Item/ItemDatatypeItemControllerTests.cs
new file mode 100644
index 0000000000..8243ab6077
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Item/ItemDatatypeItemControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Item;
+
+public class ItemDatatypeItemControllerTests : ManagementApiUserGroupTestBase<ItemDatatypeItemController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var response = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+        _dataTypeKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ItemDatatypeItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _dataTypeKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/MoveDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/MoveDataTypeControllerTests.cs
new file mode 100644
index 0000000000..cbe3cdc9e2
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/MoveDataTypeControllerTests.cs
@@ -0,0 +1,83 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.DataType;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class MoveDataTypeControllerTests : ManagementApiUserGroupTestBase<MoveDataTypeController>
+{
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeKey;
+    private Guid _folderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var responseFolder = await DataTypeContainerService.CreateAsync(Guid.NewGuid(), "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+        _folderKey = responseFolder.Result.Key;
+
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var responseDataType = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeKey = responseDataType.Result.Key;
+    }
+
+    protected override Expression<Func<MoveDataTypeController, object>> MethodSelector =>
+        x => x.Move(CancellationToken.None, _dataTypeKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        MoveDataTypeRequestModel moveDataTypeRequestModel = new() { Target = new ReferenceByIdModel(_folderKey) };
+
+        return await Client.PutAsync(Url, JsonContent.Create(moveDataTypeRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/ChildrenDataTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/ChildrenDataTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..9310df9af0
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/ChildrenDataTypeTreeControllerTests.cs
@@ -0,0 +1,75 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Tree;
+
+public class ChildrenDataTypeTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenDataTypeTreeController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private IDataTypeContainerService DataTypeContainerService => GetRequiredService<IDataTypeContainerService>();
+
+    private Guid _dataTypeFolderKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Folder
+        _dataTypeFolderKey = Guid.NewGuid();
+        await DataTypeContainerService.CreateAsync(_dataTypeFolderKey, Guid.NewGuid().ToString(), Constants.System.RootKey, Constants.Security.SuperUserKey);
+        var createdFolder = await DataTypeContainerService.GetAsync(_dataTypeFolderKey);
+        var folderId = createdFolder.Id;
+
+        // Datatype
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .WithParentId(folderId)
+            .Build();
+        await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenDataTypeTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _dataTypeFolderKey, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/RootDataTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/RootDataTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..c0ae85eb58
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/Tree/RootDataTypeTreeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.DataType.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType.Tree;
+
+public class RootDataTypeTreeControllerTests : ManagementApiUserGroupTestBase<RootDataTypeTreeController>
+{
+    protected override Expression<Func<RootDataTypeTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DataType/UpdateDataTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/UpdateDataTypeControllerTests.cs
new file mode 100644
index 0000000000..3d8cef299b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DataType/UpdateDataTypeControllerTests.cs
@@ -0,0 +1,86 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DataType;
+using Umbraco.Cms.Api.Management.ViewModels.DataType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DataType;
+
+public class UpdateDataTypeControllerTests : ManagementApiUserGroupTestBase<UpdateDataTypeController>
+{
+    private IDataTypeService DataTypeService => GetRequiredService<IDataTypeService>();
+
+    private Guid _dataTypeId;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataType = new DataTypeBuilder()
+            .WithId(0)
+            .WithName("Custom list view")
+            .WithDatabaseType(ValueStorageType.Nvarchar)
+            .AddEditor()
+                .WithAlias(Constants.PropertyEditors.Aliases.ListView)
+                .Done()
+            .Build();
+        var response = await DataTypeService.CreateAsync(dataType, Constants.Security.SuperUserKey);
+
+        _dataTypeId = response.Result.Key;
+    }
+
+    protected override Expression<Func<UpdateDataTypeController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _dataTypeId, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDataTypeRequestModel updateDataTypeRequestModel =
+            new()
+            {
+                Name = "TestNameUpdated",
+                EditorAlias = "Umbraco.Label",
+                EditorUiAlias = "Umb.PropertyEditorUi.Label",
+                Values = new List<DataTypePropertyPresentationModel>
+                {
+                    new DataTypePropertyPresentationModel { Alias = "ValueAlias", Value = "TestValue", },
+                },
+            };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateDataTypeRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/AllDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/AllDictionaryControllerTests.cs
new file mode 100644
index 0000000000..bf11e8ea3b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/AllDictionaryControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class AllDictionaryControllerTests : ManagementApiUserGroupTestBase<AllDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<AllDictionaryController, object>> MethodSelector =>
+        x => x.All(CancellationToken.None, null, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ByKeyDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ByKeyDictionaryControllerTests.cs
new file mode 100644
index 0000000000..6e53c06390
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ByKeyDictionaryControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class ByKeyDictionaryControllerTests : ManagementApiUserGroupTestBase<ByKeyDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _dictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        _dictionaryKey = dictionaryItem.Key;
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ByKeyDictionaryController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _dictionaryKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/CreateDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/CreateDictionaryControllerTests.cs
new file mode 100644
index 0000000000..f7476ac9be
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/CreateDictionaryControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Api.Management.ViewModels.Dictionary;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class CreateDictionaryControllerTests : ManagementApiUserGroupTestBase<CreateDictionaryController>
+{
+    protected override Expression<Func<CreateDictionaryController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateDictionaryItemRequestModel createDictionaryItemRequestModel =
+            new() { Id = Guid.NewGuid(), Parent = null, Name = Guid.NewGuid().ToString() };
+        return await Client.PostAsync(Url, JsonContent.Create(createDictionaryItemRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/DeleteDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/DeleteDictionaryControllerTests.cs
new file mode 100644
index 0000000000..2bcb666412
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/DeleteDictionaryControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class DeleteDictionaryControllerTests : ManagementApiUserGroupTestBase<DeleteDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _dictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        _dictionaryKey = dictionaryItem.Key;
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteDictionaryController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _dictionaryKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ExportDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ExportDictionaryControllerTests.cs
new file mode 100644
index 0000000000..c85aacaf05
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ExportDictionaryControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class ExportDictionaryControllerTests : ManagementApiUserGroupTestBase<ExportDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _dictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        _dictionaryKey = dictionaryItem.Key;
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ExportDictionaryController, object>> MethodSelector =>
+            x => x.Export(CancellationToken.None, _dictionaryKey, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ImportDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ImportDictionaryControllerTests.cs
new file mode 100644
index 0000000000..1f5b53ab3d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/ImportDictionaryControllerTests.cs
@@ -0,0 +1,93 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Microsoft.Extensions.DependencyInjection;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Dictionary;
+using Umbraco.Cms.Core.Configuration.Models;
+using Umbraco.Cms.Core.Models.TemporaryFile;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class ImportDictionaryControllerTests : ManagementApiUserGroupTestBase<ImportDictionaryController>
+{
+    private ITemporaryFileService TemporaryFileService => GetRequiredService<ITemporaryFileService>();
+
+    private Guid _temporaryFileKey;
+
+    // We need to override the setup to add the file extension for dictionaries
+    protected override void CustomTestSetup(IUmbracoBuilder builder)
+    {
+        base.CustomTestSetup(builder);
+
+        builder.Services.Configure<ContentSettings>(options =>
+        {
+            options.AllowedUploadedFileExtensions = new HashSet<string> { "udt" };
+        });
+    }
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var createTempFileModel = new CreateTemporaryFileModel
+        {
+            FileName = "test.udt",
+            Key = Guid.NewGuid(),
+            OpenReadStream = () =>
+            {
+                var stream = new MemoryStream();
+                var writer = new StreamWriter(stream);
+                writer.Write("<DictionaryItem Key=\"0115a059-4668-49d6-b1a9-7eef8b483fe0\" Name=\"test\" />");
+                writer.Flush();
+                stream.Position = 0;
+                return stream;
+            },
+        };
+
+        var response = await TemporaryFileService.CreateAsync(createTempFileModel);
+        _temporaryFileKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ImportDictionaryController, object>> MethodSelector =>
+        x => x.Import(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ImportDictionaryRequestModel importDictionaryRequestModel =
+            new() { TemporaryFile = new ReferenceByIdModel(_temporaryFileKey) };
+        return await Client.PostAsync(Url, JsonContent.Create(importDictionaryRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Item/ItemDictionaryItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Item/ItemDictionaryItemControllerTests.cs
new file mode 100644
index 0000000000..6790aeb691
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Item/ItemDictionaryItemControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary.Item;
+
+public class ItemDictionaryItemControllerTests : ManagementApiUserGroupTestBase<ItemDictionaryItemController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _dictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        _dictionaryKey = dictionaryItem.Key;
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ItemDictionaryItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _dictionaryKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/MoveDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/MoveDictionaryControllerTests.cs
new file mode 100644
index 0000000000..a239fb4984
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/MoveDictionaryControllerTests.cs
@@ -0,0 +1,73 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class MoveDictionaryControllerTests : ManagementApiUserGroupTestBase<MoveDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _originalId;
+    private Guid _targetId;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var originalDictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        var targetDictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+
+        _originalId = originalDictionaryItem.Key;
+        _targetId = targetDictionaryItem.Key;
+
+        await DictionaryItemService.CreateAsync(originalDictionaryItem, Constants.Security.SuperUserKey);
+        await DictionaryItemService.CreateAsync(targetDictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<MoveDictionaryController, object>> MethodSelector =>
+        x => x.Move(CancellationToken.None, _originalId, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        MoveDictionaryRequestModel moveDictionaryRequestModel =
+            new() { Target = new ReferenceByIdModel(_targetId) };
+        return await Client.PutAsync(Url, JsonContent.Create(moveDictionaryRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/ChildrenDictionaryTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/ChildrenDictionaryTreeControllerTests.cs
new file mode 100644
index 0000000000..9c5e1f70e8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/ChildrenDictionaryTreeControllerTests.cs
@@ -0,0 +1,62 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary.Tree;
+
+public class ChildrenDictionaryTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenDictionaryTreeController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _parentDictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Parent dictionary
+        var dictionaryParentItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+        _parentDictionaryKey = dictionaryParentItem.Key;
+        await DictionaryItemService.CreateAsync(dictionaryParentItem, Constants.Security.SuperUserKey);
+
+        // Child dictionary
+        var dictionaryChildItem = new DictionaryItem(_parentDictionaryKey, Guid.NewGuid().ToString());
+        await DictionaryItemService.CreateAsync(dictionaryChildItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenDictionaryTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentDictionaryKey, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/RootDictionaryTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/RootDictionaryTreeControllerTests.cs
new file mode 100644
index 0000000000..dcc6ec2896
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/Tree/RootDictionaryTreeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary.Tree;
+
+public class RootDictionaryTreeControllerTests : ManagementApiUserGroupTestBase<RootDictionaryTreeController>
+{
+    protected override Expression<Func<RootDictionaryTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/UpdateDictionaryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/UpdateDictionaryControllerTests.cs
new file mode 100644
index 0000000000..dc013a6b18
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Dictionary/UpdateDictionaryControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Dictionary;
+using Umbraco.Cms.Api.Management.ViewModels.Dictionary;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Dictionary;
+
+public class UpdateDictionaryControllerTests : ManagementApiUserGroupTestBase<UpdateDictionaryController>
+{
+    private IDictionaryItemService DictionaryItemService => GetRequiredService<IDictionaryItemService>();
+
+    private Guid _dictionaryKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dictionaryItem = new DictionaryItem(Constants.System.RootKey, Guid.NewGuid().ToString());
+
+        _dictionaryKey = dictionaryItem.Key;
+
+        await DictionaryItemService.CreateAsync(dictionaryItem, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateDictionaryController, object>> MethodSelector => x => x.Update(CancellationToken.None, _dictionaryKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDictionaryItemRequestModel updateDictionaryItemRequestModel =
+            new() { Name = Guid.NewGuid().ToString(), };
+        return await Client.PutAsync(Url, JsonContent.Create(updateDictionaryItemRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/ByKeyDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/ByKeyDocumentControllerTests.cs
new file mode 100644
index 0000000000..8ed8dc6582
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/ByKeyDocumentControllerTests.cs
@@ -0,0 +1,79 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class ByKeyDocumentControllerTests : ManagementApiUserGroupTestBase<ByKeyDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id,
+            name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<ByKeyDocumentController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _documentKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/CopyDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CopyDocumentControllerTests.cs
new file mode 100644
index 0000000000..2ebb4d7d87
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CopyDocumentControllerTests.cs
@@ -0,0 +1,105 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class CopyDocumentControllerTests : ManagementApiUserGroupTestBase<CopyDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _targetContentKey;
+    private Guid _moveContentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        contentType.AllowedContentTypes = [new ContentTypeSort(contentType.Key, 0, contentType.Alias)];
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Target Content
+        var targetCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseParent = await ContentEditingService.CreateAsync(targetCreateModel, Constants.Security.SuperUserKey);
+        _targetContentKey = responseParent.Result.Content.Key;
+
+        // Move Content
+        var moveCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseChild = await ContentEditingService.CreateAsync(moveCreateModel, Constants.Security.SuperUserKey);
+        _moveContentKey = responseChild.Result.Content.Key;
+    }
+
+    protected override Expression<Func<CopyDocumentController, object>> MethodSelector =>
+        x => x.Copy(CancellationToken.None, _moveContentKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CopyDocumentRequestModel copyDocumentRequestModel = new()
+        {
+            Target = new ReferenceByIdModel(_targetContentKey), RelateToOriginal = true, IncludeDescendants = true,
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(copyDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreateDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreateDocumentControllerTests.cs
new file mode 100644
index 0000000000..086cd42962
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreateDocumentControllerTests.cs
@@ -0,0 +1,88 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class CreateDocumentControllerTests : ManagementApiUserGroupTestBase<CreateDocumentController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _templateKey;
+    private Guid _contentTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+        _templateKey = template.Key;
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+        _contentTypeKey = contentType.Key;
+    }
+
+    protected override Expression<Func<CreateDocumentController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateDocumentRequestModel createDocumentRequestModel = new()
+        {
+            Template = new ReferenceByIdModel(_templateKey),
+            DocumentType = new ReferenceByIdModel(_contentTypeKey),
+            Parent = null,
+            Id = Guid.NewGuid(),
+            Values = new DocumentValueModel[] { },
+            Variants = new DocumentVariantRequestModel[]
+            {
+                new() { Culture = null, Segment = null, Name = "The en-US name", },
+            },
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreatePublicAccessDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreatePublicAccessDocumentControllerTests.cs
new file mode 100644
index 0000000000..268f67bff8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/CreatePublicAccessDocumentControllerTests.cs
@@ -0,0 +1,129 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.PublicAccess;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class
+    CreatePublicAccessDocumentControllerTests : ManagementApiUserGroupTestBase<CreatePublicAccessDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IMemberTypeService MemberTypeService => GetRequiredService<IMemberTypeService>();
+
+    private IMemberService MemberService => GetRequiredService<IMemberService>();
+
+    private Guid _contentDefaultPageKey;
+    private Guid _contentLoginPageKey;
+    private Guid _contentErrorPageKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Default page
+        var createDefaultPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseDefaultPage = await ContentEditingService.CreateAsync(createDefaultPageModel, Constants.Security.SuperUserKey);
+        _contentDefaultPageKey = responseDefaultPage.Result.Content.Key;
+
+        // Login page
+        var createLoginPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseLoginPage = await ContentEditingService.CreateAsync(createLoginPageModel, Constants.Security.SuperUserKey);
+        _contentLoginPageKey = responseLoginPage.Result.Content.Key;
+
+        // Error page
+        var createErrorPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseErrorPage = await ContentEditingService.CreateAsync(createErrorPageModel, Constants.Security.SuperUserKey);
+        _contentErrorPageKey = responseErrorPage.Result.Content.Key;
+
+        // Member
+        var memberType = MemberTypeBuilder.CreateSimpleMemberType();
+        await MemberTypeService.CreateAsync(memberType, Constants.Security.SuperUserKey);
+        var member = MemberService.CreateMember("test", "test@test.com", "T. Est", memberType.Alias);
+        MemberService.Save(member);
+    }
+
+    protected override Expression<Func<CreatePublicAccessDocumentController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, _contentDefaultPageKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        PublicAccessRequestModel publicAccessRequestModel = new()
+        {
+            MemberUserNames = ["test@test.com"],
+            MemberGroupNames = [],
+            LoginDocument = new ReferenceByIdModel(_contentLoginPageKey),
+            ErrorDocument = new ReferenceByIdModel(_contentErrorPageKey),
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(publicAccessRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/DeletePublicAccessDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/DeletePublicAccessDocumentControllerTests.cs
new file mode 100644
index 0000000000..f7412aa888
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/DeletePublicAccessDocumentControllerTests.cs
@@ -0,0 +1,129 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class DeletePublicAccessDocumentControllerTests : ManagementApiUserGroupTestBase<DeletePublicAccessDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IMemberTypeService MemberTypeService => GetRequiredService<IMemberTypeService>();
+
+    private IMemberService MemberService => GetRequiredService<IMemberService>();
+
+    private IPublicAccessService PublicAccessService => GetRequiredService<IPublicAccessService>();
+
+    private Guid _contentDefaultPageKey;
+    private Guid _contentLoginPageKey;
+    private Guid _contentErrorPageKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Default page
+        var createDefaultPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseDefaultPage = await ContentEditingService.CreateAsync(createDefaultPageModel, Constants.Security.SuperUserKey);
+        _contentDefaultPageKey = responseDefaultPage.Result.Content.Key;
+
+        // Login page
+        var createLoginPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseLoginPage = await ContentEditingService.CreateAsync(createLoginPageModel, Constants.Security.SuperUserKey);
+        _contentLoginPageKey = responseLoginPage.Result.Content.Key;
+
+        // Error page
+        var createErrorPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseErrorPage = await ContentEditingService.CreateAsync(createErrorPageModel, Constants.Security.SuperUserKey);
+        _contentErrorPageKey = responseErrorPage.Result.Content.Key;
+
+        // Member
+        var memberType = MemberTypeBuilder.CreateSimpleMemberType();
+        await MemberTypeService.CreateAsync(memberType, Constants.Security.SuperUserKey);
+
+        var member = MemberService.CreateMember("test", "test@test.com", "T. Est", memberType.Alias);
+        MemberService.Save(member);
+
+        // Public Access
+        PublicAccessEntrySlim publicAccessEntry = new()
+        {
+            ContentId = _contentDefaultPageKey,
+            ErrorPageId = _contentErrorPageKey,
+            LoginPageId = _contentLoginPageKey,
+            MemberUserNames = [member.Email],
+            MemberGroupNames = [],
+        };
+        await PublicAccessService.CreateAsync(publicAccessEntry);
+    }
+
+    protected override Expression<Func<DeletePublicAccessDocumentController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _contentDefaultPageKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/DomainsControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/DomainsControllerTests.cs
new file mode 100644
index 0000000000..20be29dd00
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/DomainsControllerTests.cs
@@ -0,0 +1,102 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Models.ContentPublishing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class DomainsControllerTests : ManagementApiUserGroupTestBase<DomainsController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IContentPublishingService ContentPublishingService => GetRequiredService<IContentPublishingService>();
+
+    private IDomainService DomainService => GetRequiredService<IDomainService>();
+
+    private ILanguageService LanguageService => GetRequiredService<ILanguageService>();
+
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+
+        // Publish
+        var cultureAndSchedule = new CulturePublishScheduleModel()
+        {
+            Culture = "*",
+        };
+        await ContentPublishingService.PublishAsync(_documentKey, [cultureAndSchedule], Constants.Security.SuperUserKey);
+
+        // Language
+        await LanguageService.CreateAsync(new Core.Models.Language("da-DK", "Danish"), Constants.Security.SuperUserKey);
+
+        // Domain
+        var domainsUpdateModel = new DomainsUpdateModel
+        {
+            DefaultIsoCode = "en-US", Domains = new DomainModel { DomainName = "Test", IsoCode = "da-DK" }.Yield(),
+        };
+        await DomainService.UpdateDomainsAsync(_documentKey, domainsUpdateModel);
+    }
+
+    protected override Expression<Func<DomainsController, object>> MethodSelector =>
+        x => x.Domains(CancellationToken.None, _documentKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/GetPublicAccessDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/GetPublicAccessDocumentControllerTests.cs
new file mode 100644
index 0000000000..0ab5f3c0b5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/GetPublicAccessDocumentControllerTests.cs
@@ -0,0 +1,126 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class GetPublicAccessDocumentControllerTests : ManagementApiUserGroupTestBase<GetPublicAccessDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IMemberTypeService MemberTypeService => GetRequiredService<IMemberTypeService>();
+
+    private IMemberService MemberService => GetRequiredService<IMemberService>();
+
+    private IPublicAccessService PublicAccessService => GetRequiredService<IPublicAccessService>();
+
+    private Guid _contentDefaultPageKey;
+    private Guid _contentLoginPageKey;
+    private Guid _contentErrorPageKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Default page
+        var createDefaultPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseDefaultPage = await ContentEditingService.CreateAsync(createDefaultPageModel, Constants.Security.SuperUserKey);
+        _contentDefaultPageKey = responseDefaultPage.Result.Content.Key;
+
+        // Login page
+        var createLoginPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseLoginPage = await ContentEditingService.CreateAsync(createLoginPageModel, Constants.Security.SuperUserKey);
+        _contentLoginPageKey = responseLoginPage.Result.Content.Key;
+
+        // Error page
+        var createErrorPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseErrorPage = await ContentEditingService.CreateAsync(createErrorPageModel, Constants.Security.SuperUserKey);
+        _contentErrorPageKey = responseErrorPage.Result.Content.Key;
+
+        // Member
+        var memberType = MemberTypeBuilder.CreateSimpleMemberType();
+        await MemberTypeService.CreateAsync(memberType, Constants.Security.SuperUserKey);
+        var member = MemberService.CreateMember("test", "test@test.com", "T. Est", memberType.Alias);
+        MemberService.Save(member);
+
+        // Public Access
+        PublicAccessEntrySlim publicAccessEntry = new()
+        {
+            ContentId = _contentDefaultPageKey,
+            ErrorPageId = _contentErrorPageKey,
+            LoginPageId = _contentLoginPageKey,
+            MemberUserNames = [member.Email],
+            MemberGroupNames = [],
+        };
+        await PublicAccessService.CreateAsync(publicAccessEntry);
+    }
+
+    protected override Expression<Func<GetPublicAccessDocumentController, object>> MethodSelector =>
+        x => x.GetPublicAccess(CancellationToken.None, _contentDefaultPageKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/Item/ItemDocumentItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Item/ItemDocumentItemControllerTests.cs
new file mode 100644
index 0000000000..8d5ff23f4e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Item/ItemDocumentItemControllerTests.cs
@@ -0,0 +1,78 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document.Item;
+
+public class ItemDocumentItemControllerTests : ManagementApiUserGroupTestBase<ItemDocumentItemController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _contentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // ContentType
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _contentKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<ItemDocumentItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _contentKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveDocumentControllerTests.cs
new file mode 100644
index 0000000000..24d13a739e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveDocumentControllerTests.cs
@@ -0,0 +1,102 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class MoveDocumentControllerTests : ManagementApiUserGroupTestBase<MoveDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _targetContentKey;
+    private Guid _moveContentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        contentType.AllowedContentTypes = [new ContentTypeSort(contentType.Key, 0, contentType.Alias)];
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Target Content
+        var targetCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseTarget = await ContentEditingService.CreateAsync(targetCreateModel, Constants.Security.SuperUserKey);
+        _targetContentKey = responseTarget.Result.Content.Key;
+
+        // Move Content
+        var moveCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseMove = await ContentEditingService.CreateAsync(moveCreateModel, Constants.Security.SuperUserKey);
+        _moveContentKey = responseMove.Result.Content.Key;
+    }
+
+    protected override Expression<Func<MoveDocumentController, object>> MethodSelector =>
+        x => x.Move(CancellationToken.None, _moveContentKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        MoveDocumentRequestModel moveDocumentRequestModel = new() { Target = new ReferenceByIdModel(_targetContentKey), };
+
+        return await Client.PutAsync(Url, JsonContent.Create(moveDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveToRecycleBinDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveToRecycleBinDocumentControllerTests.cs
new file mode 100644
index 0000000000..e12be7a231
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/MoveToRecycleBinDocumentControllerTests.cs
@@ -0,0 +1,80 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class MoveToRecycleBinDocumentControllerTests : ManagementApiUserGroupTestBase<MoveToRecycleBinDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<MoveToRecycleBinDocumentController, object>> MethodSelector =>
+        x => x.MoveToRecycleBin(CancellationToken.None, _documentKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PutAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/NotificationsControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/NotificationsControllerTests.cs
new file mode 100644
index 0000000000..d78a293e53
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/NotificationsControllerTests.cs
@@ -0,0 +1,88 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class NotificationsControllerTests : ManagementApiUserGroupTestBase<NotificationsController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private INotificationService NotificationService => GetRequiredService<INotificationService>();
+
+    private Guid _contentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _contentKey = response.Result.Content.Key;
+
+        // User
+        var user = await UserService.GetAsync(Constants.Security.SuperUserKey);
+
+        // Notification
+        NotificationService.SetNotifications(user, contentType, ["X"]);
+    }
+
+    protected override Expression<Func<NotificationsController, object>> MethodSelector =>
+        x => x.Notifications(CancellationToken.None, _contentKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/ChildrenDocumentRecycleBinControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/ChildrenDocumentRecycleBinControllerTests.cs
new file mode 100644
index 0000000000..a027d6522b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/ChildrenDocumentRecycleBinControllerTests.cs
@@ -0,0 +1,92 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document.RecycleBin;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document.RecycleBin;
+
+public class ChildrenDocumentRecycleBinControllerTests : ManagementApiUserGroupTestBase<ChildrenDocumentRecycleBinController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _parentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        contentType.AllowedContentTypes = [new ContentTypeSort(contentType.Key, 0, contentType.Alias)];
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Parent Content
+        var parentCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseParent = await ContentEditingService.CreateAsync(parentCreateModel, Constants.Security.SuperUserKey);
+        _parentKey = responseParent.Result.Content.Key;
+
+        // Child Content
+        var childCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = _parentKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        await ContentEditingService.CreateAsync(childCreateModel, Constants.Security.SuperUserKey);
+
+        await ContentEditingService.MoveToRecycleBinAsync(_parentKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenDocumentRecycleBinController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentKey, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/RootDocumentRecycleBinControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/RootDocumentRecycleBinControllerTests.cs
new file mode 100644
index 0000000000..5638ec22ec
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/RecycleBin/RootDocumentRecycleBinControllerTests.cs
@@ -0,0 +1,80 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document.RecycleBin;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document.RecycleBin;
+
+public class RootDocumentRecycleBinControllerTests : ManagementApiUserGroupTestBase<RootDocumentRecycleBinController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+
+        await ContentEditingService.MoveToRecycleBinAsync(_documentKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<RootDocumentRecycleBinController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/SortDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/SortDocumentControllerTests.cs
new file mode 100644
index 0000000000..b8337f6b01
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/SortDocumentControllerTests.cs
@@ -0,0 +1,93 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels.Sorting;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class SortDocumentControllerTests : ManagementApiUserGroupTestBase<SortDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _contentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        contentType.AllowedContentTypes = [new ContentTypeSort(contentType.Key, 0, contentType.Alias)];
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _contentKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<SortDocumentController, object>> MethodSelector =>
+        x => x.Sort(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        SortingRequestModel sortingRequestModel = new()
+        {
+            Parent = null, Sorting = new[] { new ItemSortingRequestModel { Id = _contentKey, SortOrder = 0 } },
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(sortingRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/ChildrenDocumentTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/ChildrenDocumentTreeControllerTests.cs
new file mode 100644
index 0000000000..df9093a288
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/ChildrenDocumentTreeControllerTests.cs
@@ -0,0 +1,90 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document.Tree;
+
+public class ChildrenDocumentTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenDocumentTreeController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _parentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        contentType.AllowedContentTypes = [new ContentTypeSort(contentType.Key, 0, contentType.Alias)];
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Parent Content
+        var parentCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseParent = await ContentEditingService.CreateAsync(parentCreateModel, Constants.Security.SuperUserKey);
+        _parentKey = responseParent.Result.Content.Key;
+
+        // Child Content
+        var childCreateModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = _parentKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        await ContentEditingService.CreateAsync(childCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenDocumentTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentKey, 0, 100, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/RootDocumentTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/RootDocumentTreeControllerTests.cs
new file mode 100644
index 0000000000..d60e39a27a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/Tree/RootDocumentTreeControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Document.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document.Tree;
+
+public class RootDocumentTreeControllerTests : ManagementApiUserGroupTestBase<RootDocumentTreeController>
+{
+
+    protected override Expression<Func<RootDocumentTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDocumentControllerTests.cs
new file mode 100644
index 0000000000..c429750aec
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDocumentControllerTests.cs
@@ -0,0 +1,95 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class UpdateDocumentControllerTests : ManagementApiUserGroupTestBase<UpdateDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _templateKey;
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        var templateResponse = await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+        _templateKey = templateResponse.Result.Key;
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = _templateKey,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<UpdateDocumentController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _documentKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDocumentRequestModel updateDocumentRequestModel = new()
+        {
+            Variants = new DocumentVariantRequestModel[]
+            {
+                new() { Culture = null, Segment = null, Name = "The new name", },
+            },
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDomainsControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDomainsControllerTests.cs
new file mode 100644
index 0000000000..908181ee23
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateDomainsControllerTests.cs
@@ -0,0 +1,119 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Models.ContentPublishing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class UpdateDomainsControllerTests : ManagementApiUserGroupTestBase<UpdateDomainsController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IContentPublishingService ContentPublishingService => GetRequiredService<IContentPublishingService>();
+
+    private IDomainService DomainService => GetRequiredService<IDomainService>();
+
+    private ILanguageService LanguageService => GetRequiredService<ILanguageService>();
+
+    private Guid _documentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _documentKey = response.Result.Content.Key;
+
+        // Publish
+        var cultureAndSchedule = new CulturePublishScheduleModel()
+        {
+            Culture = "*",
+        };
+        await ContentPublishingService.PublishAsync(_documentKey, [cultureAndSchedule], Constants.Security.SuperUserKey);
+
+        // Language
+        await LanguageService.CreateAsync(new Core.Models.Language("da-DK", "Danish"), Constants.Security.SuperUserKey);
+
+        // Domain
+        var domainsUpdateModel = new DomainsUpdateModel
+        {
+            DefaultIsoCode = "en-US",
+            Domains = new DomainModel { DomainName = Guid.NewGuid().ToString(), IsoCode = "da-DK" }.Yield(),
+        };
+        await DomainService.UpdateDomainsAsync(_documentKey, domainsUpdateModel);
+    }
+
+    protected override Expression<Func<UpdateDomainsController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _documentKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDomainsRequestModel updateDomainsRequestModel = new()
+        {
+            DefaultIsoCode = "en-US",
+            Domains = new DomainPresentationModel[]
+            {
+                new() { DomainName = Guid.NewGuid().ToString(), IsoCode = "en-US", },
+            },
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateDomainsRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateNotificationsControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateNotificationsControllerTests.cs
new file mode 100644
index 0000000000..58bd76dc10
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdateNotificationsControllerTests.cs
@@ -0,0 +1,100 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels.Document;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class UpdateNotificationsControllerTests : ManagementApiUserGroupTestBase<UpdateNotificationsController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private INotificationService NotificationService => GetRequiredService<INotificationService>();
+
+    private Guid _contentKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _contentKey = response.Result.Content.Key;
+
+        // User
+        var user = await UserService.GetAsync(Constants.Security.SuperUserKey);
+
+        // Notification
+        NotificationService.SetNotifications(user, contentType, ["X"]);
+    }
+
+    protected override Expression<Func<UpdateNotificationsController, object>> MethodSelector =>
+        x => x.UpdateNotifications(CancellationToken.None, _contentKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDocumentNotificationsRequestModel updateDocumentNotificationsRequestModel = new()
+        {
+            SubscribedActionIds = ["Umb.Document.Create"],
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateDocumentNotificationsRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdatePublicAccessDocumentControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdatePublicAccessDocumentControllerTests.cs
new file mode 100644
index 0000000000..f3a46fe1d9
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Document/UpdatePublicAccessDocumentControllerTests.cs
@@ -0,0 +1,154 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Document;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.PublicAccess;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Document;
+
+public class UpdatePublicAccessDocumentControllerTests : ManagementApiUserGroupTestBase<UpdatePublicAccessDocumentController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IMemberTypeService MemberTypeService => GetRequiredService<IMemberTypeService>();
+
+    private IMemberService MemberService => GetRequiredService<IMemberService>();
+
+    private IPublicAccessService PublicAccessService => GetRequiredService<IPublicAccessService>();
+
+    private Guid _contentDefaultPageKey;
+    private Guid _contentLoginPageKey;
+    private Guid _contentErrorPageKey;
+    private Guid _newContentErrorPageKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // ContentType
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Default page
+        var createDefaultPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseDefaultPage = await ContentEditingService.CreateAsync(createDefaultPageModel, Constants.Security.SuperUserKey);
+        _contentDefaultPageKey = responseDefaultPage.Result.Content.Key;
+
+        // Login page
+        var createLoginPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseLoginPage = await ContentEditingService.CreateAsync(createLoginPageModel, Constants.Security.SuperUserKey);
+        _contentLoginPageKey = responseLoginPage.Result.Content.Key;
+
+        // Error page
+        var createErrorPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseErrorPage = await ContentEditingService.CreateAsync(createErrorPageModel, Constants.Security.SuperUserKey);
+        _contentErrorPageKey = responseErrorPage.Result.Content.Key;
+
+        // New error page
+        var createNewErrorPageModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var responseNewErrorPage = await ContentEditingService.CreateAsync(createNewErrorPageModel, Constants.Security.SuperUserKey);
+        _newContentErrorPageKey = responseNewErrorPage.Result.Content.Key;
+
+        // Member
+        var memberType = MemberTypeBuilder.CreateSimpleMemberType();
+        await MemberTypeService.CreateAsync(memberType, Constants.Security.SuperUserKey);
+        var member = MemberService.CreateMember("test", "test@test.com", "T. Est", memberType.Alias);
+        MemberService.Save(member);
+
+        // Public Access
+        PublicAccessEntrySlim publicAccessEntry = new()
+        {
+            ContentId = _contentDefaultPageKey,
+            ErrorPageId = _contentErrorPageKey,
+            LoginPageId = _contentLoginPageKey,
+            MemberUserNames = [member.Email],
+            MemberGroupNames = [],
+        };
+        await PublicAccessService.CreateAsync(publicAccessEntry);
+    }
+
+    protected override Expression<Func<UpdatePublicAccessDocumentController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _contentDefaultPageKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        PublicAccessRequestModel publicAccessRequestModel = new()
+        {
+            MemberUserNames = ["test@test.com"],
+            MemberGroupNames = [],
+            LoginDocument = new ReferenceByIdModel(_contentDefaultPageKey),
+            ErrorDocument = new ReferenceByIdModel(_newContentErrorPageKey),
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(publicAccessRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Item/ItemDocumentBlueprintControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Item/ItemDocumentBlueprintControllerTests.cs
new file mode 100644
index 0000000000..5d79612302
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Item/ItemDocumentBlueprintControllerTests.cs
@@ -0,0 +1,85 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentBlueprint.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentBlueprint.Item;
+
+public class ItemDocumentBlueprintControllerTests : ManagementApiUserGroupTestBase<ItemDocumentBlueprintController>
+{
+    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
+
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private IContentBlueprintEditingService ContentBlueprintEditingService => GetRequiredService<IContentBlueprintEditingService>();
+
+    private Guid _contentKey;
+    private Guid _blueprintKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        var contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+
+        // Content
+        var createModel = new ContentCreateModel
+        {
+            ContentTypeKey = contentType.Key,
+            TemplateKey = template.Key,
+            ParentKey = Constants.System.RootKey,
+            Variants = new List<VariantModel> { new() { Name = Guid.NewGuid().ToString() } },
+        };
+        var response = await ContentEditingService.CreateAsync(createModel, Constants.Security.SuperUserKey);
+        _contentKey = response.Result.Content.Key;
+
+        // Blueprint
+        _blueprintKey = Guid.NewGuid();
+        await ContentBlueprintEditingService.CreateFromContentAsync(_contentKey, createModel.Variants.First().Name, _blueprintKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ItemDocumentBlueprintController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _blueprintKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Tree/RootDocumentBlueprintTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Tree/RootDocumentBlueprintTreeControllerTests.cs
new file mode 100644
index 0000000000..62178d4001
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentBlueprint/Tree/RootDocumentBlueprintTreeControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.DocumentBlueprint.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentBlueprint.Tree;
+
+public class RootDocumentBlueprintTreeControllerTests : ManagementApiUserGroupTestBase<RootDocumentBlueprintTreeController>
+{
+
+    protected override Expression<Func<RootDocumentBlueprintTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/ByKeyDocumentTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/ByKeyDocumentTypeControllerTests.cs
new file mode 100644
index 0000000000..a414225e97
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/ByKeyDocumentTypeControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType;
+
+public class ByKeyDocumentTypeControllerTests : ManagementApiUserGroupTestBase<ByKeyDocumentTypeController>
+{
+    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeEditingService.CreateAsync(new ContentTypeCreateModel { Key = _key, Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString() }, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ByKeyDocumentTypeController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/CreateDocumentTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/CreateDocumentTypeControllerTests.cs
new file mode 100644
index 0000000000..bde6d40788
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/CreateDocumentTypeControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType;
+
+using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType;
+
+public class CreateDocumentTypeControllerTests : ManagementApiUserGroupTestBase<CreateDocumentTypeController>
+{
+    protected override Expression<Func<CreateDocumentTypeController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateDocumentTypeRequestModel createDocumentTypeRequestModel = new()
+        {
+            Alias = "test", Name = "Test", Id = Guid.NewGuid(), Icon = "icon-document",
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createDocumentTypeRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/DeleteDocumentTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/DeleteDocumentTypeControllerTests.cs
new file mode 100644
index 0000000000..4d705b0488
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/DeleteDocumentTypeControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType;
+
+public class DeleteDocumentTypeControllerTests : ManagementApiUserGroupTestBase<DeleteDocumentTypeController>
+{
+    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeEditingService.CreateAsync(new ContentTypeCreateModel { Key = _key, Name = "Test", Alias = "test" }, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteDocumentTypeController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/ByKeyDocumentTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/ByKeyDocumentTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..c82ce55203
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/ByKeyDocumentTypeFolderControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Folder;
+
+public class ByKeyDocumentTypeFolderControllerTests : ManagementApiUserGroupTestBase<ByKeyDocumentTypeFolderController>
+{
+    private IContentTypeContainerService ContentTypeContainerService => GetRequiredService<IContentTypeContainerService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeContainerService.CreateAsync(_key, "Test", Constants.System.RootKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ByKeyDocumentTypeFolderController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/CreateDocumentTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/CreateDocumentTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..7b2a784ef9
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/CreateDocumentTypeFolderControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Folder;
+
+public class CreateDocumentTypeFolderControllerTests : ManagementApiUserGroupTestBase<CreateDocumentTypeFolderController>
+{
+    protected override Expression<Func<CreateDocumentTypeFolderController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateFolderRequestModel createFolderRequestModel = new() { Name = "Test", };
+        return await Client.PostAsync(Url, JsonContent.Create(createFolderRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/DeleteDocumentTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/DeleteDocumentTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..1d28c68fcf
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/DeleteDocumentTypeFolderControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Folder;
+
+public class DeleteDocumentTypeFolderControllerTests : ManagementApiUserGroupTestBase<DeleteDocumentTypeFolderController>
+{
+    private IContentTypeContainerService ContentTypeContainerService => GetRequiredService<IContentTypeContainerService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeContainerService.CreateAsync(_key, "Test", null, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteDocumentTypeFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/UpdateDocumentTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/UpdateDocumentTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..0072e015d3
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Folder/UpdateDocumentTypeFolderControllerTests.cs
@@ -0,0 +1,63 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Folder;
+
+public class UpdateDocumentTypeFolderControllerTests : ManagementApiUserGroupTestBase<UpdateDocumentTypeFolderController>
+{
+    private IContentTypeContainerService ContentTypeContainerService => GetRequiredService<IContentTypeContainerService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeContainerService.CreateAsync(_key, "Test", null, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateDocumentTypeFolderController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _key, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateFolderResponseModel updateDocumentRequestModel = new() { Name = "Test", };
+        return await Client.PutAsync(Url, JsonContent.Create(updateDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Item/ItemDocumentTypeItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Item/ItemDocumentTypeItemControllerTests.cs
new file mode 100644
index 0000000000..f9d3bb179b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Item/ItemDocumentTypeItemControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Item;
+
+public class ItemDocumentTypeItemControllerTests : ManagementApiUserGroupTestBase<ItemDocumentTypeItemController>
+{
+    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeEditingService.CreateAsync(new ContentTypeCreateModel { Key = _key, Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString() }, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ItemDocumentTypeItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { Guid.NewGuid() });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/ChildrenDocumentTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/ChildrenDocumentTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..cf582000df
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/ChildrenDocumentTypeTreeControllerTests.cs
@@ -0,0 +1,62 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Root;
+
+public class ChildrenDocumentTypeTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenDocumentTypeTreeController>
+{
+    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
+
+    private IContentTypeContainerService ContentTypeContainerService => GetRequiredService<IContentTypeContainerService>();
+
+    private Guid _contentFolderKey;
+    private Guid _contentTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _contentFolderKey = Guid.NewGuid();
+        await ContentTypeContainerService.CreateAsync(_contentFolderKey,"Folder", null, Constants.Security.SuperUserKey);
+        _contentTypeKey = Guid.NewGuid();
+        await ContentTypeEditingService.CreateAsync(new ContentTypeCreateModel { Key = _contentTypeKey, Name = "Test", Alias = "test",  ContainerKey = _contentFolderKey}, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenDocumentTypeTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _contentFolderKey, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/RootDocumentTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/RootDocumentTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..e4bac25c27
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/Root/RootDocumentTypeTreeControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType.Tree;
+
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType.Root;
+
+public class RootDocumentTypeTreeControllerTests : ManagementApiUserGroupTestBase<RootDocumentTypeTreeController>
+{
+    protected override Expression<Func<RootDocumentTypeTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/UpdateDocumentTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/UpdateDocumentTypeControllerTests.cs
new file mode 100644
index 0000000000..a3160ecd9f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/DocumentType/UpdateDocumentTypeControllerTests.cs
@@ -0,0 +1,65 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.DocumentType;
+using Umbraco.Cms.Api.Management.ViewModels.DocumentType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.DocumentType;
+
+public class UpdateDocumentTypeControllerTests : ManagementApiUserGroupTestBase<UpdateDocumentTypeController>
+{
+    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await ContentTypeEditingService.CreateAsync(new ContentTypeCreateModel { Key = _key, Name = "Test", Alias = "test",  Icon = "icon-document" }, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateDocumentTypeController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _key, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateDocumentTypeRequestModel updateDocumentRequestModel = new() { Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString(), Icon = Guid.NewGuid().ToString() };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateDocumentRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/ExecuteActionHealthCheckControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/ExecuteActionHealthCheckControllerTests.cs
new file mode 100644
index 0000000000..249710ab1e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/ExecuteActionHealthCheckControllerTests.cs
@@ -0,0 +1,64 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.HealthCheck;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.HealthCheck;
+using Umbraco.Cms.Core.HealthChecks;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.HealthCheck;
+
+public class ExecuteActionHealthCheckControllerTests : ManagementApiUserGroupTestBase<ExecuteActionHealthCheckController>
+{
+    private Guid _dataIntegrityHealthCheckId;
+
+    private HealthCheckCollection HealthChecks => GetRequiredService<HealthCheckCollection>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var dataIntegrityCheck = HealthChecks.FirstOrDefault(x => x.Name.Contains("Data Integrity", StringComparison.OrdinalIgnoreCase));
+        _dataIntegrityHealthCheckId = dataIntegrityCheck.Id;
+    }
+
+    protected override Expression<Func<ExecuteActionHealthCheckController, object>> MethodSelector =>
+        x => x.ExecuteAction(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        HealthCheckActionRequestModel healthCheckActionRequest =
+            new() { HealthCheck = new ReferenceByIdModel(_dataIntegrityHealthCheckId), ValueRequired = false };
+        return await Client.PostAsync(Url, JsonContent.Create(healthCheckActionRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/AllHealthCheckGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/AllHealthCheckGroupControllerTests.cs
new file mode 100644
index 0000000000..7d001997a1
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/AllHealthCheckGroupControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.HealthCheck.Group;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.HealthCheck.Group;
+
+public class AllHealthCheckGroupControllerTests : ManagementApiUserGroupTestBase<AllHealthCheckGroupController>
+{
+    protected override Expression<Func<AllHealthCheckGroupController, object>> MethodSelector =>
+        x => x.All(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/ByNameHealthCheckGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/ByNameHealthCheckGroupControllerTests.cs
new file mode 100644
index 0000000000..b70afbb86b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/ByNameHealthCheckGroupControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.HealthCheck.Group;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.HealthCheck.Group;
+
+public class ByNameHealthCheckGroupControllerTests : ManagementApiUserGroupTestBase<ByNameHealthCheckGroupController>
+{
+    protected override Expression<Func<ByNameHealthCheckGroupController, object>> MethodSelector =>
+        x => x.ByName(CancellationToken.None, "Configuration");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/CheckHealthCheckGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/CheckHealthCheckGroupControllerTests.cs
new file mode 100644
index 0000000000..c0d0deeed4
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/HealthCheck/Group/CheckHealthCheckGroupControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.HealthCheck.Group;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.HealthCheck.Group;
+
+public class CheckHealthCheckGroupControllerTests : ManagementApiUserGroupTestBase<CheckHealthCheckGroupController>
+{
+    protected override Expression<Func<CheckHealthCheckGroupController, object>> MethodSelector =>
+        x => x.ByNameWithResult(CancellationToken.None, "Configuration");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Help/GetHelpControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Help/GetHelpControllerTests.cs
new file mode 100644
index 0000000000..7fde4dad4f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Help/GetHelpControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Help;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Help;
+
+public class GetHelpControllerTests : ManagementApiUserGroupTestBase<GetHelpController>
+{
+    protected override Expression<Func<GetHelpController, object>> MethodSelector =>
+        x => x.Get(CancellationToken.None, "TestSection", "TestTree", 0, 100, "https://our.umbraco.com");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/AllIndexerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/AllIndexerControllerTests.cs
new file mode 100644
index 0000000000..2e3b3cc315
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/AllIndexerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Indexer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Indexer;
+
+public class AllIndexerControllerTests : ManagementApiUserGroupTestBase<AllIndexerController>
+{
+    protected override Expression<Func<AllIndexerController, object>> MethodSelector =>
+        x => x.All(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/DetailsIndexerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/DetailsIndexerControllerTests.cs
new file mode 100644
index 0000000000..c17e6b8940
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/DetailsIndexerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Indexer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Indexer;
+
+public class DetailsIndexerControllerTests : ManagementApiUserGroupTestBase<DetailsIndexerController>
+{
+    protected override Expression<Func<DetailsIndexerController, object>> MethodSelector =>
+        x => x.Details(CancellationToken.None, "DeliveryApiContentIndex");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/RebuildIndexerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/RebuildIndexerControllerTests.cs
new file mode 100644
index 0000000000..c184a717fd
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Indexer/RebuildIndexerControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Indexer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Indexer;
+
+public class RebuildIndexerControllerTests : ManagementApiUserGroupTestBase<RebuildIndexerController>
+{
+    protected override Expression<Func<RebuildIndexerController, object>> MethodSelector =>
+        x => x.Rebuild(CancellationToken.None, "MembersIndex");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Install/SettingsInstallControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Install/SettingsInstallControllerTests.cs
new file mode 100644
index 0000000000..b54405bfff
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Install/SettingsInstallControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Install;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Install;
+
+public class SettingsInstallControllerTests : ManagementApiUserGroupTestBase<SettingsInstallController>
+{
+    protected override Expression<Func<SettingsInstallController, object>> MethodSelector =>
+        x => x.Settings(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Install/SetupInstallControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Install/SetupInstallControllerTests.cs
new file mode 100644
index 0000000000..60335eccb5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Install/SetupInstallControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Install;
+using Umbraco.Cms.Api.Management.ViewModels.Installer;
+using Umbraco.Cms.Core.Models;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Install;
+
+public class SetupInstallControllerTests : ManagementApiUserGroupTestBase<SetupInstallController>
+{
+    protected override Expression<Func<SetupInstallController, object>> MethodSelector =>
+        x => x.Setup(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        InstallRequestModel installRequestModel = new()
+        {
+            User = new UserInstallRequestModel
+            {
+                Name = "Tester", Email = "Test@emails.test", Password = "123457890"
+            },
+            Database = new DatabaseInstallRequestModel { Id = Guid.NewGuid(), ProviderName = "TestProviderName" },
+            TelemetryLevel = TelemetryLevel.Basic,
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(installRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Install/ValidateDatabaseInstallControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Install/ValidateDatabaseInstallControllerTests.cs
new file mode 100644
index 0000000000..c1ff329f86
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Install/ValidateDatabaseInstallControllerTests.cs
@@ -0,0 +1,52 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Install;
+using Umbraco.Cms.Api.Management.ViewModels.Installer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Install;
+
+public class ValidateDatabaseInstallControllerTests : ManagementApiUserGroupTestBase<ValidateDatabaseInstallController>
+{
+    protected override Expression<Func<ValidateDatabaseInstallController, object>> MethodSelector =>
+        x => x.ValidateDatabase(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        DatabaseInstallRequestModel databaseInstallRequestModel = new()
+        {
+            Id = Guid.NewGuid(), ProviderName = "TestProviderName",
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(databaseInstallRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Language/AllLanguageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Language/AllLanguageControllerTests.cs
new file mode 100644
index 0000000000..6806c37107
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Language/AllLanguageControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Language;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Language;
+
+public class AllLanguageControllerTests: ManagementApiUserGroupTestBase<AllLanguageController>
+{
+    protected override Expression<Func<AllLanguageController, object>> MethodSelector => x => x.All(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Language/ByIsoCodeLanguageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Language/ByIsoCodeLanguageControllerTests.cs
new file mode 100644
index 0000000000..79e4be5b47
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Language/ByIsoCodeLanguageControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Language;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Language;
+
+public class ByIsoCodeLanguageControllerTests : ManagementApiUserGroupTestBase<ByIsoCodeLanguageController>
+{
+    protected override Expression<Func<ByIsoCodeLanguageController, object>> MethodSelector => x => x.ByIsoCode(CancellationToken.None, "en-US");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Language/CreateLanguageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Language/CreateLanguageControllerTests.cs
new file mode 100644
index 0000000000..bfca01e50e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Language/CreateLanguageControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Language;
+using Umbraco.Cms.Api.Management.ViewModels.Language;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Language;
+
+public class CreateLanguageControllerTests : ManagementApiUserGroupTestBase<CreateLanguageController>
+{
+    protected override Expression<Func<CreateLanguageController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateLanguageRequestModel createLanguageModel = new() { IsoCode = "da-DK", Name = "Danish", IsDefault = false, IsMandatory = false };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createLanguageModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Language/DeleteLanguageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Language/DeleteLanguageControllerTests.cs
new file mode 100644
index 0000000000..448ab0ec50
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Language/DeleteLanguageControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Language;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Language;
+
+public class DeleteLanguageControllerTests : ManagementApiUserGroupTestBase<DeleteLanguageController>
+{
+    private ILanguageService LanguageService => GetRequiredService<ILanguageService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var daLanguage = new LanguageBuilder()
+            .WithCultureInfo("da-DK")
+            .Build();
+        await LanguageService.CreateAsync(daLanguage, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteLanguageController, object>> MethodSelector => x => x.Delete(CancellationToken.None, "da-DK");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Language/UpdateLanguageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Language/UpdateLanguageControllerTests.cs
new file mode 100644
index 0000000000..7e9300deee
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Language/UpdateLanguageControllerTests.cs
@@ -0,0 +1,65 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Language;
+using Umbraco.Cms.Api.Management.ViewModels.Language;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+using Umbraco.Cms.Tests.Common.Builders.Extensions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Language;
+
+public class UpdateLanguageControllerTests : ManagementApiUserGroupTestBase<UpdateLanguageController>
+{
+    private ILanguageService LanguageService => GetRequiredService<ILanguageService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        var daLanguage = new LanguageBuilder()
+            .WithCultureInfo("da-DK")
+            .Build();
+        await LanguageService.CreateAsync(daLanguage, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateLanguageController, object>> MethodSelector => x => x.Update(CancellationToken.None, "da-DK", null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateLanguageRequestModel updateLanguageModel = new() { Name = "da-DK", IsDefault = false, FallbackIsoCode = "en-US", IsMandatory = true };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateLanguageModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllLogViewerControllerTests.cs
new file mode 100644
index 0000000000..a5e4a2b4eb
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllLogViewerControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer;
+using Umbraco.Cms.Core;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer;
+
+public class AllLogViewerControllerTests : ManagementApiUserGroupTestBase<AllLogViewerController>
+{
+    protected override Expression<Func<AllLogViewerController, object>> MethodSelector => x => x.AllLogs(CancellationToken.None, 0, 100, Direction.Descending, null, null, null, null);
+
+    // We get the InternalServerError for the admin because it has access, but there is no log file to view
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllMessageTemplateLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllMessageTemplateLogViewerControllerTests.cs
new file mode 100644
index 0000000000..71c5d12ebf
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllMessageTemplateLogViewerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer;
+
+public class AllMessageTemplateLogViewerControllerTests : ManagementApiUserGroupTestBase<AllMessageTemplateLogViewerController>
+{
+    protected override Expression<Func<AllMessageTemplateLogViewerController, object>> MethodSelector => x => x.AllMessageTemplates(CancellationToken.None, 0, 100, null, null);
+
+    // We get the InternalServerError for the admin because it has access, but there is no log file to view
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllSinkLevelLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllSinkLevelLogViewerControllerTests.cs
new file mode 100644
index 0000000000..ffb7bc6d5c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/AllSinkLevelLogViewerControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer;
+
+public class AllSinkLevelLogViewerControllerTests : ManagementApiUserGroupTestBase<AllSinkLevelLogViewerController>
+{
+    protected override Expression<Func<AllSinkLevelLogViewerController, object>> MethodSelector => x => x.AllLogLevels(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/LogLevelCountLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/LogLevelCountLogViewerControllerTests.cs
new file mode 100644
index 0000000000..96efcdb4ee
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/LogLevelCountLogViewerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer;
+
+public class LogLevelCountLogViewerControllerTests : ManagementApiUserGroupTestBase<LogLevelCountLogViewerController>
+{
+    protected override Expression<Func<LogLevelCountLogViewerController, object>> MethodSelector => x => x.LogLevelCounts(CancellationToken.None, null, null);
+
+    // We get the InternalServerError for the admin because it has access, but there is no log file to view
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/AllSavedSearchLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/AllSavedSearchLogViewerControllerTests.cs
new file mode 100644
index 0000000000..691724c776
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/AllSavedSearchLogViewerControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer.SavedSearch;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer.SavedSearch;
+
+public class AllSavedSearchLogViewerControllerTests : ManagementApiUserGroupTestBase<AllSavedSearchLogViewerController>
+{
+    protected override Expression<Func<AllSavedSearchLogViewerController, object>> MethodSelector => x => x.AllSavedSearches(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/ByNameSavedSearchLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/ByNameSavedSearchLogViewerControllerTests.cs
new file mode 100644
index 0000000000..ec34735f57
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/ByNameSavedSearchLogViewerControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer.SavedSearch;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer.SavedSearch;
+
+public class ByNameSavedSearchLogViewerControllerTests : ManagementApiUserGroupTestBase<ByNameSavedSearchLogViewerController>
+{
+    private ILogViewerService LogViewerService => GetRequiredService<ILogViewerService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        await LogViewerService.AddSavedLogQueryAsync("Find All", "SELECT * FROM LogEntries");
+    }
+
+    protected override Expression<Func<ByNameSavedSearchLogViewerController, object>> MethodSelector => x => x.ByName(CancellationToken.None, "Find All");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/CreateSavedSearchLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/CreateSavedSearchLogViewerControllerTests.cs
new file mode 100644
index 0000000000..fa07cb93d5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/CreateSavedSearchLogViewerControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer.SavedSearch;
+using Umbraco.Cms.Api.Management.ViewModels.LogViewer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer.SavedSearch;
+
+public class CreateSavedSearchLogViewerControllerTests : ManagementApiUserGroupTestBase<CreateSavedSearchLogViewerController>
+{
+    protected override Expression<Func<CreateSavedSearchLogViewerController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        SavedLogSearchRequestModel savedLogSearchRequestModel = new() { Name = "Test", Query = "Tester" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(savedLogSearchRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/DeleteSavedSearchLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/DeleteSavedSearchLogViewerControllerTests.cs
new file mode 100644
index 0000000000..27a7ec737e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/SavedSearch/DeleteSavedSearchLogViewerControllerTests.cs
@@ -0,0 +1,52 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer.SavedSearch;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer.SavedSearch;
+
+public class DeleteSavedSearchLogViewerControllerTests : ManagementApiUserGroupTestBase<DeleteSavedSearchLogViewerController>
+{
+    private ILogViewerService LogViewerService => GetRequiredService<ILogViewerService>();
+
+    [SetUp]
+    public async Task Setup()
+    {
+        await LogViewerService.AddSavedLogQueryAsync("Find All", "SELECT * FROM LogEntries");
+    }
+
+    protected override Expression<Func<DeleteSavedSearchLogViewerController, object>> MethodSelector => x => x.Delete(CancellationToken.None, "Find All");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/ValidateLogFileSizeLogViewerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/ValidateLogFileSizeLogViewerControllerTests.cs
new file mode 100644
index 0000000000..fcd26afd5a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/LogViewer/ValidateLogFileSizeLogViewerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.LogViewer;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.LogViewer;
+
+public class ValidateLogFileSizeLogViewerControllerTests: ManagementApiUserGroupTestBase<ValidateLogFileSizeLogViewerController>
+{
+    protected override Expression<Func<ValidateLogFileSizeLogViewerController, object>> MethodSelector => x => x.CanViewLogs(CancellationToken.None, null, null);
+
+    // We get the InternalServerError for the admin because it has access, but there is no log file to view
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs
index 259eb92938..ab74881679 100644
--- a/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiTest.cs
@@ -22,32 +22,46 @@ using Umbraco.Cms.Core.Scoping;
 using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Infrastructure.Security;
+using Umbraco.Cms.Tests.Common.Testing;
 using Umbraco.Cms.Tests.Integration.TestServerTest;
 
 namespace Umbraco.Cms.Tests.Integration.ManagementApi;
 
 [TestFixture]
+[UmbracoTest(Database = UmbracoTestOptions.Database.NewSchemaPerFixture, Logger = UmbracoTestOptions.Logger.Console, Boot = true)]
 public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
     where T : ManagementApiControllerBase
 {
+
+    private static readonly Dictionary<string, TokenModel> _tokenCache = new();
+    private static readonly SHA256 _sha256 = SHA256.Create();
+
+    protected abstract Expression<Func<T, object>> MethodSelector { get; set; }
+
+    protected string Url => GetManagementApiUrl(MethodSelector);
+
     [SetUp]
-    public Task Setup()
+    public override void Setup()
     {
-        Client.DefaultRequestHeaders
-            .Accept
-            .Add(new MediaTypeWithQualityHeaderValue(MediaTypeNames.Application.Json));
-        return Task.CompletedTask;
+        InMemoryConfiguration["Umbraco:CMS:ModelsBuilder:ModelsMode"] = "Nothing";
+
+        base.Setup();
+        Client.DefaultRequestHeaders.Accept.Clear();
+        Client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue(MediaTypeNames.Application.Json));
     }
 
+    [SetUp]
+    public override void SetUp_Logging() =>
+        TestContext.Out.Write($"Start test {TestCount++}: {TestContext.CurrentContext.Test.FullName}");
+
+    [OneTimeTearDown]
+    public void ClearCache() => _tokenCache.Clear();
+
     protected override void CustomTestAuthSetup(IServiceCollection services)
     {
         // We do not wanna fake anything, and thereby have protection
     }
 
-    protected abstract Expression<Func<T, object>> MethodSelector { get; }
-
-    protected virtual string Url => GetManagementApiUrl(MethodSelector);
-
     protected async Task AuthenticateClientAsync(HttpClient client, string username, string password, bool isAdmin) =>
         await AuthenticateClientAsync(client,
             async userService =>
@@ -74,17 +88,51 @@ public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
                 }
 
                 return (user, password);
-            });
+            }, $"{username}:{isAdmin}");
 
+    protected async Task AuthenticateClientAsync(HttpClient client, string username, string password, Guid userGroupKey) =>
+        await AuthenticateClientAsync(client,
+            async userService =>
+            {
+                IUser user;
+                if (userGroupKey == Constants.Security.AdminGroupKey)
+                {
+                    user = await userService.GetRequiredUserAsync(Constants.Security.SuperUserKey);
+                    user.Username = user.Email = username;
+                    userService.Save(user);
+                }
+                else
+                {
+                    user = (await userService.CreateAsync(
+                        Constants.Security.SuperUserKey,
+                        new UserCreateModel
+                        {
+                            Email = username,
+                            Name = username,
+                            UserName = username,
+                            UserGroupKeys = new HashSet<Guid>([userGroupKey]),
+                        },
+                        true)).Result.CreatedUser;
+                }
 
-    protected async Task AuthenticateClientAsync(HttpClient client, Func<IUserService, Task<(IUser user, string Password)>> createUser)
+                return (user, password);
+            }, $"{username}:{userGroupKey}");
+
+    protected async Task AuthenticateClientAsync(HttpClient client, Func<IUserService, Task<(IUser User, string Password)>> createUser, string cacheKey = null)
     {
+        // Check cache first
+        if (!string.IsNullOrEmpty(cacheKey) && _tokenCache.TryGetValue(cacheKey, out var cachedToken))
+        {
+            client.DefaultRequestHeaders.Authorization =
+                new AuthenticationHeaderValue("Bearer", cachedToken.AccessToken);
+            return;
+        }
 
         OpenIddictApplicationDescriptor backofficeOpenIddictApplicationDescriptor;
         var scopeProvider = GetRequiredService<ICoreScopeProvider>();
 
-        string? username;
-        string? password;
+        string username;
+        string password;
 
         using (var scope = scopeProvider.CreateCoreScope())
         {
@@ -93,19 +141,16 @@ public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
             var userManager = serviceScope.ServiceProvider.GetRequiredService<ICoreBackOfficeUserManager>();
 
             var userCreationResult = await createUser(userService);
-            username = userCreationResult.user.Username;
+            username = userCreationResult.User.Username;
             password = userCreationResult.Password;
-            var userKey = userCreationResult.user.Key;
-
-            var token = await userManager.GeneratePasswordResetTokenAsync(userCreationResult.user);
+            var userKey = userCreationResult.User.Key;
 
+            var token = await userManager.GeneratePasswordResetTokenAsync(userCreationResult.User);
 
             var changePasswordAttempt = await userService.ChangePasswordAsync(userKey,
                 new ChangeUserPasswordModel
                 {
-                    NewPassword = password,
-                    ResetPasswordToken = token.Result.ToUrlBase64(),
-                    UserKey = userKey
+                    NewPassword = password, ResetPasswordToken = token.Result.ToUrlBase64(), UserKey = userKey,
                 });
 
             Assert.IsTrue(changePasswordAttempt.Success);
@@ -114,8 +159,7 @@ public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
                 serviceScope.ServiceProvider.GetRequiredService<IBackOfficeApplicationManager>() as
                     BackOfficeApplicationManager;
             backofficeOpenIddictApplicationDescriptor =
-                backOfficeApplicationManager.BackofficeOpenIddictApplicationDescriptor([client.BaseAddress]);
-
+                backOfficeApplicationManager.BackofficeOpenIddictApplicationDescriptor(client.BaseAddress);
             scope.Complete();
         }
 
@@ -127,12 +171,11 @@ public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
 
         Assert.AreEqual(HttpStatusCode.OK, loginResponse.StatusCode, await loginResponse.Content.ReadAsStringAsync());
 
-        var codeVerifier = "12345"; // Just a dummy value we use in tests
-        var codeChallange = Convert.ToBase64String(SHA256.Create().ComputeHash(Encoding.UTF8.GetBytes(codeVerifier)))
+        const string codeVerifier = "12345"; // Just a dummy value we use in tests
+        var codeChallenge = Convert.ToBase64String(_sha256.ComputeHash(Encoding.UTF8.GetBytes(codeVerifier)))
             .TrimEnd("=");
 
-        var authorizationUrl = GetManagementApiUrl<BackOfficeController>(x => x.Authorize(CancellationToken.None)) +
-                  $"?client_id={backofficeOpenIddictApplicationDescriptor.ClientId}&response_type=code&redirect_uri={WebUtility.UrlEncode(backofficeOpenIddictApplicationDescriptor.RedirectUris.FirstOrDefault()?.AbsoluteUri)}&code_challenge_method=S256&code_challenge={codeChallange}";
+        var authorizationUrl = GetManagementApiUrl<BackOfficeController>(x => x.Authorize(CancellationToken.None)) + $"?client_id={backofficeOpenIddictApplicationDescriptor.ClientId}&response_type=code&redirect_uri={WebUtility.UrlEncode(backofficeOpenIddictApplicationDescriptor.RedirectUris.FirstOrDefault()?.AbsoluteUri)}&code_challenge_method=S256&code_challenge={codeChallenge}";
         var authorizeResponse = await client.GetAsync(authorizationUrl);
 
         Assert.AreEqual(HttpStatusCode.Found, authorizeResponse.StatusCode, await authorizeResponse.Content.ReadAsStringAsync());
@@ -145,17 +188,22 @@ public abstract class ManagementApiTest<T> : UmbracoTestServerTestBase
                 ["client_id"] = backofficeOpenIddictApplicationDescriptor.ClientId,
                 ["code"] = HttpUtility.ParseQueryString(authorizeResponse.Headers.Location.Query).Get("code"),
                 ["redirect_uri"] =
-                    backofficeOpenIddictApplicationDescriptor.RedirectUris.FirstOrDefault().AbsoluteUri
+                    backofficeOpenIddictApplicationDescriptor.RedirectUris.FirstOrDefault().AbsoluteUri,
             }));
 
         var tokenModel = await tokenResponse.Content.ReadFromJsonAsync<TokenModel>();
 
         client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", tokenModel.AccessToken);
+
+        // Cache the token if cache key provided
+        if (!string.IsNullOrEmpty(cacheKey))
+        {
+            _tokenCache[cacheKey] = tokenModel;
+        }
     }
 
     private class TokenModel
     {
         [JsonPropertyName("access_token")] public string AccessToken { get; set; }
     }
-
 }
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiUserGroupTestBase.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiUserGroupTestBase.cs
new file mode 100644
index 0000000000..16b20236a2
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ManagementApiUserGroupTestBase.cs
@@ -0,0 +1,120 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers;
+using Umbraco.Cms.Core;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi;
+
+public abstract class ManagementApiUserGroupTestBase<T> : ManagementApiTest<T>
+    where T : ManagementApiControllerBase
+{
+    protected string UserEmail = "test@umbraco.com";
+    protected const string UserPassword = "1234567890";
+
+    protected override Expression<Func<T, object>> MethodSelector { get; set; }
+
+    protected virtual UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected virtual UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected virtual UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected virtual UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected virtual UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected virtual UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    // Admin
+    [Test]
+    public virtual async Task As_Admin_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.AdminGroupKey, "Admin");
+        Assert.AreEqual(AdminUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // Editor
+    [Test]
+    public virtual async Task As_Editor_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.EditorGroupKey, "Editor");
+        Assert.AreEqual(EditorUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode,
+            await response.Content.ReadAsStringAsync());
+    }
+
+    // SensitiveData
+    [Test]
+    public virtual async Task As_Sensitive_Data_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.SensitiveDataGroupKey, "SensitiveData");
+        Assert.AreEqual(SensitiveDataUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode,
+            await response.Content.ReadAsStringAsync());
+    }
+
+    // Translator
+    [Test]
+    public virtual async Task As_Translator_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.TranslatorGroupKey, "Translator");
+        Assert.AreEqual(TranslatorUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode,
+            await response.Content.ReadAsStringAsync());
+    }
+
+    // Writer
+    [Test]
+    public virtual async Task As_Writer_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.WriterGroupKey, "Writer");
+        Assert.AreEqual(WriterUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode,
+            await response.Content.ReadAsStringAsync());
+    }
+
+    // Unauthorized
+    [Test]
+    public virtual async Task As_Unauthorized_I_Have_Specified_Access()
+    {
+        var response = await ClientRequest();
+        Assert.AreEqual(UnauthorizedUserGroupAssertionModel.ExpectedStatusCode, response.StatusCode,
+            await response.Content.ReadAsStringAsync());
+    }
+
+    protected virtual async Task<HttpResponseMessage> AuthorizedRequest(Guid userGroupKey, string groupName)
+    {
+        await AuthenticateUser(userGroupKey, groupName);
+        return await ClientRequest();
+    }
+
+    protected virtual async Task AuthenticateUser(Guid userGroupKey, string groupName)
+    {
+        await AuthenticateClientAsync(Client, UserEmail + groupName, UserPassword, userGroupKey);
+    }
+
+    protected virtual async Task<HttpResponseMessage> ClientRequest()
+    {
+        return await Client.GetAsync(Url);
+    }
+
+    protected class UserGroupAssertionModel
+    {
+        public HttpStatusCode ExpectedStatusCode { get; set; }
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/ByKeyMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/ByKeyMediaControllerTests.cs
new file mode 100644
index 0000000000..868de96fbd
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/ByKeyMediaControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class ByKeyMediaControllerTests : ManagementApiUserGroupTestBase<ByKeyMediaController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Types
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media Folder
+        MediaCreateModel mediaCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaTest" } }, ContentTypeKey = folderMediaType.Key
+        };
+        var response = await MediaEditingService.CreateAsync(mediaCreateModel, Constants.Security.SuperUserKey);
+        _mediaKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<ByKeyMediaController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _mediaKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/CreateMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/CreateMediaControllerTests.cs
new file mode 100644
index 0000000000..82c6d57303
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/CreateMediaControllerTests.cs
@@ -0,0 +1,73 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Media;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class CreateMediaControllerTests : ManagementApiUserGroupTestBase<CreateMediaController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _folderMediaTypeKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes =await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+        _folderMediaTypeKey = folderMediaType.Key;
+    }
+
+    protected override Expression<Func<CreateMediaController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateMediaRequestModel createMediaModel =
+            new()
+            {
+                MediaType = new ReferenceByIdModel(_folderMediaTypeKey),  Variants = new MediaVariantRequestModel[]
+                {
+                    new() { Culture = null, Segment = null, Name = "The en-US name", },
+                },
+            };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createMediaModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/Item/ItemMediaItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Item/ItemMediaItemControllerTests.cs
new file mode 100644
index 0000000000..b0f065e8a6
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Item/ItemMediaItemControllerTests.cs
@@ -0,0 +1,65 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media.Item;
+
+public class ItemMediaItemControllerTests : ManagementApiUserGroupTestBase<ItemMediaItemController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media Folder
+        MediaCreateModel mediaCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "MediaFolder" } }, ContentTypeKey = folderMediaType.Key };
+        var response = await MediaEditingService.CreateAsync(mediaCreateModel, Constants.Security.SuperUserKey);
+        _mediaKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<ItemMediaItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _mediaKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveMediaControllerTests.cs
new file mode 100644
index 0000000000..ded471157c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveMediaControllerTests.cs
@@ -0,0 +1,90 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Media;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class MoveMediaControllerTests : ManagementApiUserGroupTestBase<MoveMediaController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _moveFolderKey;
+    private Guid _targetFolderKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType =
+            mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media MoveFolder
+        MediaCreateModel moveCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaMoveFolder"} },
+            ContentTypeKey = folderMediaType.Key,
+            ParentKey = Constants.System.RootKey
+        };
+        var responseMove = await MediaEditingService.CreateAsync(moveCreateModel, Constants.Security.SuperUserKey);
+        _moveFolderKey = responseMove.Result.Content.Key;
+
+        // Media TargetFolder
+        MediaCreateModel targetCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaTargetFolder"} },
+            ContentTypeKey = folderMediaType.Key,
+            ParentKey = Constants.System.RootKey
+        };
+        var responseTarget = await MediaEditingService.CreateAsync(targetCreateModel, Constants.Security.SuperUserKey);
+        _targetFolderKey = responseTarget.Result.Content.Key;
+    }
+
+    protected override Expression<Func<MoveMediaController, object>> MethodSelector => x => x.Move(CancellationToken.None, _moveFolderKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        MoveMediaRequestModel updateMediaModel = new() { Target = new ReferenceByIdModel(_targetFolderKey) };
+        return await Client.PutAsync(Url, JsonContent.Create(updateMediaModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveToRecycleBinMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveToRecycleBinMediaControllerTests.cs
new file mode 100644
index 0000000000..bcb80b88f2
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/MoveToRecycleBinMediaControllerTests.cs
@@ -0,0 +1,74 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class MoveToRecycleBinMediaControllerTests : ManagementApiUserGroupTestBase<MoveToRecycleBinMediaController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType =
+            mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media Folder
+        MediaCreateModel mediaCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaTest"} },
+            ContentTypeKey = folderMediaType.Key
+        };
+        var response = await MediaEditingService.CreateAsync(mediaCreateModel, Constants.Security.SuperUserKey);
+        _mediaKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<MoveToRecycleBinMediaController, object>> MethodSelector =>
+        x => x.MoveToRecycleBin(CancellationToken.None, _mediaKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() =>
+        await Client.PutAsync(Url, JsonContent.Create(Guid.Empty));
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/ChildrenMediaRecycleBinControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/ChildrenMediaRecycleBinControllerTests.cs
new file mode 100644
index 0000000000..35d9e4078c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/ChildrenMediaRecycleBinControllerTests.cs
@@ -0,0 +1,71 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media.RecycleBin;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media.RecycleBin;
+
+public class ChildrenMediaRecycleBinControllerTests : ManagementApiUserGroupTestBase<ChildrenMediaRecycleBinController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _parentKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Parent Media Folder
+        MediaCreateModel parentCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "ParentMediaFolder" } }, ContentTypeKey = folderMediaType.Key, ParentKey = Constants.System.RootKey};
+        var responseParent = await MediaEditingService.CreateAsync(parentCreateModel, Constants.Security.SuperUserKey);
+        _parentKey = responseParent.Result.Content.Key;
+
+        // Child Media Folder
+        MediaCreateModel childCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "ChildMediaFolder" } }, ContentTypeKey = folderMediaType.Key, ParentKey = _parentKey};
+        await MediaEditingService.CreateAsync(childCreateModel, Constants.Security.SuperUserKey);
+
+        await MediaEditingService.MoveToRecycleBinAsync(_parentKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenMediaRecycleBinController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentKey, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/RootMediaRecycleBinControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/RootMediaRecycleBinControllerTests.cs
new file mode 100644
index 0000000000..3c2dcd5376
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/RecycleBin/RootMediaRecycleBinControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media.RecycleBin;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media.RecycleBin;
+
+public class RootMediaRecycleBinControllerTests : ManagementApiUserGroupTestBase<RootMediaRecycleBinController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media Folder
+        MediaCreateModel mediaCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "MediaFolder" } }, ContentTypeKey = folderMediaType.Key };
+        var response = await MediaEditingService.CreateAsync(mediaCreateModel, Constants.Security.SuperUserKey);
+        _mediaKey = response.Result.Content.Key;
+
+        await MediaEditingService.MoveToRecycleBinAsync(_mediaKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<RootMediaRecycleBinController, object>> MethodSelector => x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/SortMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/SortMediaControllerTests.cs
new file mode 100644
index 0000000000..fcee2f0808
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/SortMediaControllerTests.cs
@@ -0,0 +1,91 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Sorting;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class SortMediaControllerTests : ManagementApiUserGroupTestBase<SortMediaController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _parentFolderKey;
+    private Guid _childFolderKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0,100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media ParentFolder
+        MediaCreateModel parentCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaParentFolder" } },
+            ContentTypeKey = folderMediaType.Key, ParentKey = Constants.System.RootKey
+        };
+        var responseParent = await MediaEditingService.CreateAsync(parentCreateModel, Constants.Security.SuperUserKey);
+        _parentFolderKey = responseParent.Result.Content.Key;
+
+        // Media ChildFolder
+        MediaCreateModel childCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaChildFolder" } },
+            ContentTypeKey = folderMediaType.Key, ParentKey = _parentFolderKey
+        };
+        var responseChild = await MediaEditingService.CreateAsync(childCreateModel, Constants.Security.SuperUserKey);
+        _childFolderKey = responseChild.Result.Content.Key;
+    }
+
+    protected override Expression<Func<SortMediaController, object>> MethodSelector => x => x.Sort(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        SortingRequestModel sortingRequestModel = new()
+        {
+            Parent = new ReferenceByIdModel(_parentFolderKey),
+            Sorting = new[] { new ItemSortingRequestModel { Id = _childFolderKey, SortOrder = 0 } },
+        };
+        return await Client.PutAsync(Url, JsonContent.Create(sortingRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/ChildrenMediaTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/ChildrenMediaTreeControllerTests.cs
new file mode 100644
index 0000000000..1f3c3b4874
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/ChildrenMediaTreeControllerTests.cs
@@ -0,0 +1,69 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media.Tree;
+
+public class ChildrenMediaTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenMediaTreeController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _parentKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Types
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Parent Media Folder
+        MediaCreateModel parentCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "ParentMediaFolder" } }, ContentTypeKey = folderMediaType.Key, ParentKey = Constants.System.RootKey};
+        var responseParent = await MediaEditingService.CreateAsync(parentCreateModel, Constants.Security.SuperUserKey);
+        _parentKey = responseParent.Result.Content.Key;
+
+        // Child Media Folder
+        MediaCreateModel childCreateModel = new() { Variants = new List<VariantModel> { new() { Name = "ChildMediaFolder" } }, ContentTypeKey = folderMediaType.Key, ParentKey = _parentKey};
+        await MediaEditingService.CreateAsync(childCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenMediaTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentKey, 0, 100, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/RootMediaTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/RootMediaTreeControllerTests.cs
new file mode 100644
index 0000000000..118dd14001
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/Tree/RootMediaTreeControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Media.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media.Tree;
+
+public class RootMediaTreeControllerTests : ManagementApiUserGroupTestBase<RootMediaTreeController>
+{
+    protected override Expression<Func<RootMediaTreeController, object>> MethodSelector => x => x.Root(CancellationToken.None, 0, 100, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Media/UpdateMediaControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Media/UpdateMediaControllerTests.cs
new file mode 100644
index 0000000000..6ed5a6b99f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Media/UpdateMediaControllerTests.cs
@@ -0,0 +1,85 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Media;
+using Umbraco.Cms.Api.Management.ViewModels.Media;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Media;
+
+public class UpdateMediaControllerTests : ManagementApiUserGroupTestBase<UpdateMediaController>
+{
+    private IMediaEditingService MediaEditingService => GetRequiredService<IMediaEditingService>();
+
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Media Folder Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType =
+            mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+
+        // Media Folder
+        MediaCreateModel mediaCreateModel = new()
+        {
+            Variants = new List<VariantModel> { new() { Name = "MediaTest" } },
+            ContentTypeKey = folderMediaType.Key,
+        };
+        var response = await MediaEditingService.CreateAsync(mediaCreateModel, Constants.Security.SuperUserKey);
+        _mediaKey = response.Result.Content.Key;
+    }
+
+    protected override Expression<Func<UpdateMediaController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _mediaKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateMediaRequestModel updateMediaModel = new()
+        {
+            Variants = new MediaVariantRequestModel[]
+            {
+                new() { Culture = null, Segment = null, Name = "NewName", },
+            },
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateMediaModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/ByKeyMediaTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/ByKeyMediaTypeControllerTests.cs
new file mode 100644
index 0000000000..cc18da49fe
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/ByKeyMediaTypeControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType;
+
+public class ByKeyMediaTypeControllerTests : ManagementApiUserGroupTestBase<ByKeyMediaTypeController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _mediaTypeKey = Guid.NewGuid();
+        MediaTypeCreateModel mediaTypeCreateModel = new() { Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString(), Key = _mediaTypeKey };
+        await MediaTypeEditingService.CreateAsync(mediaTypeCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ByKeyMediaTypeController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _mediaTypeKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/CreateMediaTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/CreateMediaTypeControllerTests.cs
new file mode 100644
index 0000000000..35ce432282
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/CreateMediaTypeControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.MediaType;
+using Umbraco.Cms.Api.Management.ViewModels.MediaType;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType;
+
+public class CreateMediaTypeControllerTests : ManagementApiUserGroupTestBase<CreateMediaTypeController>
+{
+    protected override Expression<Func<CreateMediaTypeController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateMediaTypeRequestModel createMediaTypeRequest = new() { Name = "Test", Alias = "test", Icon = "icon-picture", AllowedAsRoot = true, Id = Guid.NewGuid() };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createMediaTypeRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/DeleteMediaTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/DeleteMediaTypeControllerTests.cs
new file mode 100644
index 0000000000..b2a8f768de
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/DeleteMediaTypeControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType;
+
+public class DeleteMediaTypeControllerTests : ManagementApiUserGroupTestBase<DeleteMediaTypeController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _mediaTypeKey = Guid.NewGuid();
+        MediaTypeCreateModel mediaTypeCreateModel = new() { Name = "Test", Alias = "test", Key = _mediaTypeKey };
+        await MediaTypeEditingService.CreateAsync(mediaTypeCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteMediaTypeController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _mediaTypeKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/ByKeyMediaTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/ByKeyMediaTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..32a618c361
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/ByKeyMediaTypeFolderControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Folder;
+
+public class ByKeyMediaTypeFolderControllerTests : ManagementApiUserGroupTestBase<ByKeyMediaTypeFolderController>
+{
+    private IMediaTypeContainerService MediaTypeContainerService => GetRequiredService<IMediaTypeContainerService>();
+
+    private Guid _mediaTypeFolderKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        _mediaTypeFolderKey = Guid.NewGuid();
+        await MediaTypeContainerService.CreateAsync(_mediaTypeFolderKey, "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+    }
+
+
+    protected override Expression<Func<ByKeyMediaTypeFolderController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _mediaTypeFolderKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/CreateMediaTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/CreateMediaTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..bf324ea96d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/CreateMediaTypeFolderControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Folder;
+
+public class CreateMediaTypeFolderControllerTests : ManagementApiUserGroupTestBase<CreateMediaTypeFolderController>
+{
+    protected override Expression<Func<CreateMediaTypeFolderController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateFolderRequestModel createFolderRequestModel = new() { Name = "Test" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createFolderRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/DeleteMediaTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/DeleteMediaTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..3ddaac9528
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/DeleteMediaTypeFolderControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Folder;
+
+public class DeleteMediaTypeFolderControllerTests : ManagementApiUserGroupTestBase<DeleteMediaTypeFolderController>
+{
+    private IMediaTypeContainerService MediaTypeContainerService => GetRequiredService<IMediaTypeContainerService>();
+
+    private Guid _mediaTypeFolderKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        _mediaTypeFolderKey = Guid.NewGuid();
+        await MediaTypeContainerService.CreateAsync(_mediaTypeFolderKey, "TestFolder", Constants.System.RootKey, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<DeleteMediaTypeFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _mediaTypeFolderKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/UpdateMediaTypeFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/UpdateMediaTypeFolderControllerTests.cs
new file mode 100644
index 0000000000..f782abc6ca
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Folder/UpdateMediaTypeFolderControllerTests.cs
@@ -0,0 +1,64 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Folder;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Folder;
+
+public class UpdateMediaTypeFolderControllerTests : ManagementApiUserGroupTestBase<UpdateMediaTypeFolderController>
+{
+    private IMediaTypeContainerService MediaTypeContainerService => GetRequiredService<IMediaTypeContainerService>();
+
+    private Guid _mediaTypeFolderKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        _mediaTypeFolderKey = Guid.NewGuid();
+        await MediaTypeContainerService.CreateAsync(_mediaTypeFolderKey, "TestFolder", Constants.System.RootKey , Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateMediaTypeFolderController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _mediaTypeFolderKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateFolderResponseModel updateFolderResponseModel = new() { Name = "TesterFolders" };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateFolderResponseModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Item/ItemMediaTypeItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Item/ItemMediaTypeItemControllerTests.cs
new file mode 100644
index 0000000000..2b1541f69c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Item/ItemMediaTypeItemControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Item;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Item;
+
+public class ItemMediaTypeItemControllerTests : ManagementApiUserGroupTestBase<ItemMediaTypeItemController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaTypeKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+        _mediaTypeKey = folderMediaType.Key;
+    }
+
+    protected override Expression<Func<ItemMediaTypeItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _mediaTypeKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/ChildrenMediaTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/ChildrenMediaTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..99e3497d30
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/ChildrenMediaTypeTreeControllerTests.cs
@@ -0,0 +1,62 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Tree;
+
+public class ChildrenMediaTypeTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenMediaTypeTreeController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _parentKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Parent Media Type
+        var mediaTypes = await MediaTypeEditingService.GetFolderMediaTypes(0, 100);
+        var folderMediaType = mediaTypes.Items.FirstOrDefault(x => x.Name.Contains("Folder", StringComparison.OrdinalIgnoreCase));
+        _parentKey = folderMediaType.Key;
+
+        // Child Media Type
+        MediaTypeCreateModel mediaTypeCreateModel = new() { Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString(), Key = Guid.NewGuid(), ContainerKey = _parentKey };
+        await MediaTypeEditingService.CreateAsync(mediaTypeCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenMediaTypeTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _parentKey, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/RootMediaTreeTypeTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/RootMediaTreeTypeTreeControllerTests.cs
new file mode 100644
index 0000000000..39b9a0db11
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/Tree/RootMediaTreeTypeTreeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.MediaType.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType.Tree;
+
+public class RootMediaTreeTypeTreeControllerTests : ManagementApiUserGroupTestBase<RootMediaTypeTreeController>
+{
+    protected override Expression<Func<RootMediaTypeTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100, false);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/UpdateMediaTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/UpdateMediaTypeControllerTests.cs
new file mode 100644
index 0000000000..3f43e16744
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MediaType/UpdateMediaTypeControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MediaType;
+using Umbraco.Cms.Api.Management.ViewModels.MediaType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MediaType;
+
+public class UpdateMediaTypeControllerTests : ManagementApiUserGroupTestBase<UpdateMediaTypeController>
+{
+    private IMediaTypeEditingService MediaTypeEditingService => GetRequiredService<IMediaTypeEditingService>();
+
+    private Guid _mediaTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _mediaTypeKey = Guid.NewGuid();
+        MediaTypeCreateModel mediaTypeCreateModel = new() { Name = "Test", Alias = "test", Key = _mediaTypeKey };
+        await MediaTypeEditingService.CreateAsync(mediaTypeCreateModel, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<UpdateMediaTypeController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _mediaTypeKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateMediaTypeRequestModel updateMediaTypeRequest = new() { Name = "Tester", Alias = "test", Icon = "icon-picture", AllowedAsRoot = true };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateMediaTypeRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Member/Item/ItemMemberItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Member/Item/ItemMemberItemControllerTests.cs
new file mode 100644
index 0000000000..605cfb8191
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Member/Item/ItemMemberItemControllerTests.cs
@@ -0,0 +1,65 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Member.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Member.Item;
+
+public class ItemMemberItemControllerTests : ManagementApiUserGroupTestBase<ItemMemberItemController>
+{
+    private IMemberTypeEditingService MemberTypeEditingService => GetRequiredService<IMemberTypeEditingService>();
+
+    private IMemberService MemberService => GetRequiredService<IMemberService>();
+
+    private Guid _memberKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Member Type
+        var memberTypeModel = new MemberTypeCreateModel() { Alias = Guid.NewGuid().ToString(), Name = "Test Member" };
+        var memberTypeResponse = await MemberTypeEditingService.CreateAsync(memberTypeModel, Constants.Security.SuperUserKey);
+
+        // Member
+        var member = MemberService.CreateMember(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), memberTypeResponse.Result.Alias);
+        MemberService.Save(member);
+        _memberKey = member.Key;
+    }
+
+    protected override Expression<Func<ItemMemberItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _memberKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Item/ItemMemberGroupItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Item/ItemMemberGroupItemControllerTests.cs
new file mode 100644
index 0000000000..7d3ec94862
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Item/ItemMemberGroupItemControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MemberGroup.Item;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MemberGroup.Item;
+
+public class ItemMemberGroupItemControllerTests : ManagementApiUserGroupTestBase<ItemMemberGroupItemController>
+{
+    private IMemberGroupService MemberGroupService => GetRequiredService<IMemberGroupService>();
+
+    private Guid _memberGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var memberGroup = new Core.Models.MemberGroup { Name = "Test Member Group" };
+        MemberGroupService.Save(memberGroup);
+        _memberGroupKey = memberGroup.Key;
+    }
+
+    protected override Expression<Func<ItemMemberGroupItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _memberGroupKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Tree/RootMemberGroupTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Tree/RootMemberGroupTreeControllerTests.cs
new file mode 100644
index 0000000000..6805310909
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MemberGroup/Tree/RootMemberGroupTreeControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.MemberGroup.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MemberGroup.Tree;
+
+public class RootMemberGroupTreeControllerTests : ManagementApiUserGroupTestBase<RootMemberGroupTreeController>
+{
+
+    protected override Expression<Func<RootMemberGroupTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Item/ItemMemberTypeItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Item/ItemMemberTypeItemControllerTests.cs
new file mode 100644
index 0000000000..10bc798332
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Item/ItemMemberTypeItemControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.MemberType.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models.ContentTypeEditing;
+using Umbraco.Cms.Core.Services.ContentTypeEditing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MemberType.Item;
+
+public class ItemMemberTypeItemControllerTests : ManagementApiUserGroupTestBase<ItemMemberTypeItemController>
+{
+    private IMemberTypeEditingService MemberTypeEditingService => GetRequiredService<IMemberTypeEditingService>();
+
+    private Guid _memberTypeKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var memberTypeModel = new MemberTypeCreateModel() { Alias = Guid.NewGuid().ToString(), Name = "Test Member Type", };
+        var memberTypeResponse = await MemberTypeEditingService.CreateAsync(memberTypeModel, Constants.Security.SuperUserKey);
+        _memberTypeKey = memberTypeResponse.Result.Key;
+    }
+
+    protected override Expression<Func<ItemMemberTypeItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _memberTypeKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Tree/RootMemberTypeTreeControllerTree.cs b/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Tree/RootMemberTypeTreeControllerTree.cs
new file mode 100644
index 0000000000..4944a018b8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/MemberType/Tree/RootMemberTypeTreeControllerTree.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.MemberType.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.MemberType.Tree;
+
+public class RootMemberTypeTreeControllerTests : ManagementApiUserGroupTestBase<RootMemberTypeTreeController>
+{
+    protected override Expression<Func<RootMemberTypeTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/BuildModelsBuilderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/BuildModelsBuilderControllerTests.cs
new file mode 100644
index 0000000000..547a538910
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/BuildModelsBuilderControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.ModelsBuilder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.ModelsBuilder;
+
+public class BuildModelsBuilderControllerTests : ManagementApiUserGroupTestBase<BuildModelsBuilderController>
+{
+    protected override Expression<Func<BuildModelsBuilderController, object>> MethodSelector =>
+        x => x.BuildModels(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/GetModelsBuilderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/GetModelsBuilderControllerTests.cs
new file mode 100644
index 0000000000..3181bcc64d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/GetModelsBuilderControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.ModelsBuilder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.ModelsBuilder;
+
+public class GetModelsBuilderControllerTests : ManagementApiUserGroupTestBase<GetModelsBuilderController>
+{
+    protected override Expression<Func<GetModelsBuilderController, object>> MethodSelector =>
+        x => x.GetDashboard(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/StatusModelsBuilderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/StatusModelsBuilderControllerTests.cs
new file mode 100644
index 0000000000..b35e0f8eea
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ModelsBuilder/StatusModelsBuilderControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.ModelsBuilder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.ModelsBuilder;
+
+public class StatusModelsBuilderControllerTests : ManagementApiUserGroupTestBase<StatusModelsBuilderController>
+{
+    protected override Expression<Func<StatusModelsBuilderController, object>> MethodSelector =>
+        x => x.GetModelsOutOfDateStatus(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/ObjectTypes/AllowedObjectTypesControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/ObjectTypes/AllowedObjectTypesControllerTests.cs
new file mode 100644
index 0000000000..54eb9fe48a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/ObjectTypes/AllowedObjectTypesControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.ObjectTypes;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.ObjectTypes;
+
+public class AllowedObjectTypesControllerTests : ManagementApiUserGroupTestBase<AllowedObjectTypesController>
+{
+    protected override Expression<Func<AllowedObjectTypesController, object>> MethodSelector =>
+        x => x.Allowed(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/AllMigrationStatusPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/AllMigrationStatusPackageControllerTests.cs
new file mode 100644
index 0000000000..5ce5d50fb0
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/AllMigrationStatusPackageControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package;
+
+public class AllMigrationStatusPackageControllerTests : ManagementApiUserGroupTestBase<AllMigrationStatusPackageController>
+{
+    protected override Expression<Func<AllMigrationStatusPackageController, object>> MethodSelector =>
+        x => x.AllMigrationStatuses(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/AllCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/AllCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..1b434d437c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/AllCreatedPackageControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class AllCreatedPackageControllerTests : ManagementApiUserGroupTestBase<AllCreatedPackageController>
+{
+    protected override Expression<Func<AllCreatedPackageController, object>> MethodSelector =>
+        x => x.All(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/ByKeyCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/ByKeyCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..320d2ade3e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/ByKeyCreatedPackageControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class ByKeyCreatedPackageControllerTests : ManagementApiUserGroupTestBase<ByKeyCreatedPackageController>
+{
+    protected override Expression<Func<ByKeyCreatedPackageController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, Guid.NewGuid());
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/CreateCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/CreateCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..288fff0631
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/CreateCreatedPackageControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+using Umbraco.Cms.Api.Management.ViewModels.Package;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class CreateCreatedPackageControllerTests : ManagementApiUserGroupTestBase<CreateCreatedPackageController>
+{
+    protected override Expression<Func<CreateCreatedPackageController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreatePackageRequestModel createPackageRequestModel =
+            new() { Name = "TestPackageName" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createPackageRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DeleteCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DeleteCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..0893735f25
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DeleteCreatedPackageControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class DeleteCreatedPackageControllerTests : ManagementApiUserGroupTestBase<DeleteCreatedPackageController>
+{
+    protected override Expression<Func<DeleteCreatedPackageController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, Guid.NewGuid());
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DownloadCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DownloadCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..204787f42a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/DownloadCreatedPackageControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class DownloadCreatedPackageControllerTests : ManagementApiUserGroupTestBase<DownloadCreatedPackageController>
+{
+    protected override Expression<Func<DownloadCreatedPackageController, object>> MethodSelector =>
+        x => x.Download(CancellationToken.None, Guid.NewGuid());
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/UpdateCreatedPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/UpdateCreatedPackageControllerTests.cs
new file mode 100644
index 0000000000..6b6aca305f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/Created/UpdateCreatedPackageControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Package.Created;
+using Umbraco.Cms.Api.Management.ViewModels.Package;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package.Created;
+
+public class UpdateCreatedPackageControllerTests : ManagementApiUserGroupTestBase<UpdateCreatedPackageController>
+{
+    protected override Expression<Func<UpdateCreatedPackageController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, Guid.NewGuid(), null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdatePackageRequestModel updatePackageRequestModel =
+            new() { PackagePath = "PackagePath", Name = "TestPackageNameUpdated" };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updatePackageRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Package/RunMigrationPackageControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Package/RunMigrationPackageControllerTests.cs
new file mode 100644
index 0000000000..ad939505a4
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Package/RunMigrationPackageControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Package;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Package;
+
+public class RunMigrationPackageControllerTests : ManagementApiUserGroupTestBase<RunMigrationPackageController>
+{
+    protected override Expression<Func<RunMigrationPackageController, object>> MethodSelector =>
+        x => x.RunMigrations(CancellationToken.None, "TestMigration");
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/ByPathPartialViewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/ByPathPartialViewControllerTests.cs
new file mode 100644
index 0000000000..e0384317af
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/ByPathPartialViewControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView;
+
+public class ByPathPartialViewControllerTests : ManagementApiUserGroupTestBase<ByPathPartialViewController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    private string _partialViewPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        var response = await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _partialViewPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathPartialViewController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _partialViewPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/CreatePartialViewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/CreatePartialViewControllerTests.cs
new file mode 100644
index 0000000000..34bb0b4f59
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/CreatePartialViewControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.PartialView;
+using Umbraco.Cms.Api.Management.ViewModels.PartialView;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView;
+
+public class CreatePartialViewControllerTests : ManagementApiUserGroupTestBase<CreatePartialViewController>
+{
+    protected override Expression<Func<CreatePartialViewController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreatePartialViewRequestModel createPartialViewRequestModel = new()
+        {
+            Name = Guid.NewGuid() + ".cshtml",
+            Content = string.Empty,
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createPartialViewRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/DeletePartialViewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/DeletePartialViewControllerTests.cs
new file mode 100644
index 0000000000..98f0973858
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/DeletePartialViewControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView;
+
+public class DeletePartialViewControllerTests : ManagementApiUserGroupTestBase<DeletePartialViewController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    private string _partialViewPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        var response = await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _partialViewPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeletePartialViewController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _partialViewPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/ByPathPartialViewFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/ByPathPartialViewFolderControllerTests.cs
new file mode 100644
index 0000000000..c78733af42
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/ByPathPartialViewFolderControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Folder;
+
+public class ByPathPartialViewFolderControllerTests : ManagementApiUserGroupTestBase<ByPathPartialViewFolderController>
+{
+    private IPartialViewFolderService PartialViewFolderService => GetRequiredService<IPartialViewFolderService>();
+
+    private string _partialViewFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await PartialViewFolderService.CreateAsync(model);
+        _partialViewFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathPartialViewFolderController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _partialViewFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/CreatePartialViewFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/CreatePartialViewFolderControllerTests.cs
new file mode 100644
index 0000000000..4af5695e31
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/CreatePartialViewFolderControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.PartialView.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Folder;
+
+public class CreatePartialViewFolderControllerTests : ManagementApiUserGroupTestBase<CreatePartialViewFolderController>
+{
+    protected override Expression<Func<CreatePartialViewFolderController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreatePartialViewFolderRequestModel createPartialViewFolderRequestModel = new() { Name = Guid.NewGuid().ToString() };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createPartialViewFolderRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/DeletePartialViewFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/DeletePartialViewFolderControllerTests.cs
new file mode 100644
index 0000000000..bde8ffaf50
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Folder/DeletePartialViewFolderControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Folder;
+
+public class DeletePartialViewFolderControllerTests : ManagementApiUserGroupTestBase<DeletePartialViewFolderController>
+{
+    private IPartialViewFolderService PartialViewFolderService => GetRequiredService<IPartialViewFolderService>();
+
+    private string _partialViewFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await PartialViewFolderService.CreateAsync(model);
+        _partialViewFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeletePartialViewFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _partialViewFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Item/ItemPartialViewItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Item/ItemPartialViewItemControllerTests.cs
new file mode 100644
index 0000000000..aa75dffd4f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Item/ItemPartialViewItemControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Item;
+
+public class ItemPartialViewItemControllerTests : ManagementApiUserGroupTestBase<ItemPartialViewItemController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    private string _partialViewPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        var response = await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _partialViewPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ItemPartialViewItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<string> { _partialViewPath });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Snippet/GetAllControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Snippet/GetAllControllerTests.cs
new file mode 100644
index 0000000000..c724bb80a6
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Snippet/GetAllControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Snippet;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Snippet;
+
+public class GetAllControllerTests : ManagementApiUserGroupTestBase<GetAllController>
+{
+    protected override Expression<Func<GetAllController, object>> MethodSelector =>
+        x => x.GetAll(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/ChildrenPartialViewTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/ChildrenPartialViewTreeControllerTests.cs
new file mode 100644
index 0000000000..07750eec30
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/ChildrenPartialViewTreeControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Tree;
+
+public class ChildrenPartialViewTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenPartialViewTreeController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    private string _partialViewPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        var response = await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _partialViewPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ChildrenPartialViewTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _partialViewPath, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/RootPartialViewTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/RootPartialViewTreeControllerTests.cs
new file mode 100644
index 0000000000..4881db4781
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/Tree/RootPartialViewTreeControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView.Tree;
+
+public class RootPartialViewTreeControllerTests : ManagementApiUserGroupTestBase<RootPartialViewTreeController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<RootPartialViewTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/UpdatePartialViewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/UpdatePartialViewControllerTests.cs
new file mode 100644
index 0000000000..71065757c4
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PartialView/UpdatePartialViewControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PartialView;
+using Umbraco.Cms.Api.Management.ViewModels.PartialView;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PartialView;
+
+public class UpdatePartialViewControllerTests : ManagementApiUserGroupTestBase<UpdatePartialViewController>
+{
+    private IPartialViewService PartialViewService => GetRequiredService<IPartialViewService>();
+
+    private string _partialViewPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new PartialViewCreateModel { Name = Guid.NewGuid() + ".cshtml" };
+        var response = await PartialViewService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _partialViewPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<UpdatePartialViewController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _partialViewPath, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdatePartialViewRequestModel updatePartialViewRequestModel = new() { Content = "NewContent" };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updatePartialViewRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs
index ccbb18db0f..72901a4460 100644
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Policies/AllCultureControllerTests.cs
@@ -1,44 +1,41 @@
 using System.Linq.Expressions;
 using System.Net;
-using NUnit.Framework;
 using Umbraco.Cms.Api.Management.Controllers.Culture;
 
 namespace Umbraco.Cms.Tests.Integration.ManagementApi.Policies;
 
-/// <summary>
-///
-/// </summary>
-[TestFixture]
-internal sealed class AllCultureControllerTests : ManagementApiTest<AllCultureController>
+public class AllCultureControllerTests : ManagementApiUserGroupTestBase<AllCultureController>
 {
     protected override Expression<Func<AllCultureController, object>> MethodSelector =>
         x => x.GetAll(CancellationToken.None, 0, 100);
 
-    [Test]
-    public async Task As_Admin_I_Have_Access()
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
     {
-        await AuthenticateClientAsync(Client, "admin@umbraco.com", "1234567890", true);
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
 
-        var response = await Client.GetAsync(Url);
-
-        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode,  await response.Content.ReadAsStringAsync());
-    }
-
-    [Test]
-    public async Task As_Editor_I_Have_Access()
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
     {
-        await AuthenticateClientAsync(Client, "editor@umbraco.com", "1234567890", false);
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
 
-        var response = await Client.GetAsync(Url);
-
-        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode,  await response.Content.ReadAsStringAsync());
-    }
-
-    [Test]
-    public async Task Unauthourized_when_no_token_is_provided()
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
     {
-        var response = await Client.GetAsync(Url);
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
 
-        Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, await response.Content.ReadAsStringAsync());
-    }
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
 }
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs
deleted file mode 100644
index 1202ad8054..0000000000
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/CreateDocumentTests.cs
+++ /dev/null
@@ -1,130 +0,0 @@
-using System.Linq.Expressions;
-using System.Net;
-using System.Text;
-using NUnit.Framework;
-using Umbraco.Cms.Api.Management.Controllers.Document;
-using Umbraco.Cms.Api.Management.ViewModels.Document;
-using Umbraco.Cms.Core;
-using Umbraco.Cms.Core.Actions;
-using Umbraco.Cms.Core.Models;
-using Umbraco.Cms.Core.Models.Membership;
-using Umbraco.Cms.Core.Serialization;
-using Umbraco.Cms.Core.Services;
-using Umbraco.Cms.Core.Services.ContentTypeEditing;
-using Umbraco.Cms.Core.Strings;
-using Umbraco.Cms.Tests.Common.Builders;
-using Umbraco.Cms.Tests.Common.TestHelpers;
-
-namespace Umbraco.Cms.Tests.Integration.ManagementApi.Policies;
-
-[TestFixture]
-internal sealed class CreateDocumentTests : ManagementApiTest<CreateDocumentController>
-{
-    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
-
-    private IShortStringHelper ShortStringHelper => GetRequiredService<IShortStringHelper>();
-
-    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
-
-    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
-
-    private IJsonSerializer JsonSerializer => GetRequiredService<IJsonSerializer>();
-
-    private IContentService ContentService => GetRequiredService<IContentService>();
-
-    protected override Expression<Func<CreateDocumentController, object>> MethodSelector =>
-        x => x.Create(CancellationToken.None, null!);
-
-    [Test]
-    public async Task ReadonlyUserCannotCreateDocument()
-    {
-        var userGroup = await CreateReadonlyUserGroupAsync();
-
-        await AuthenticateClientAsync(Client, async userService =>
-        {
-            var email = "test@test.com";
-            var testUserCreateModel = new UserCreateModel
-            {
-                Email = email,
-                Name = "Test Mc.Gee",
-                UserName = email,
-                UserGroupKeys = new HashSet<Guid> { userGroup.Key },
-            };
-
-            var userCreationResult =
-                await userService.CreateAsync(Constants.Security.SuperUserKey, testUserCreateModel, true);
-
-            Assert.IsTrue(userCreationResult.Success);
-
-            return (userCreationResult.Result.CreatedUser, "1234567890");
-        });
-
-        var (contentType, template) = await CreateDocumentTypeAsync();
-        var contentCreateModel = ContentEditingBuilder.CreateSimpleContent(contentType.Key);
-
-        var requestModel = DocumentUpdateHelper.CreateDocumentRequestModel(contentCreateModel);
-
-        var response = await GetManagementApiResponseAsync(requestModel);
-
-        Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Forbidden));
-    }
-
-    [Test]
-    public async Task EditorCanCreateDocument()
-    {
-        await AuthenticateClientAsync(Client, "editor@editor.com", "1234567890", false);
-
-        var (contentType, template) = await CreateDocumentTypeAsync();
-        var requestModel = DocumentUpdateHelper.CreateDocumentRequestModel(ContentEditingBuilder.CreateSimpleContent(contentType.Key));
-
-        var response = await GetManagementApiResponseAsync(requestModel);
-
-        Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Created));
-
-        var locationHeader = response.Headers.GetValues("Location").First();
-        var key = Guid.Parse(locationHeader.Split('/')[^1]);
-        var createdContent = ContentService.GetById(key);
-        Assert.NotNull(createdContent);
-    }
-
-    private async Task<HttpResponseMessage> GetManagementApiResponseAsync(CreateDocumentRequestModel requestModel)
-    {
-        var url = GetManagementApiUrl<CreateDocumentController>(x => x.Create(CancellationToken.None, requestModel));
-        var requestBody = new StringContent(JsonSerializer.Serialize(requestModel), Encoding.UTF8, "application/json");
-        var response = await Client.PostAsync(url, requestBody);
-        return response;
-    }
-
-    private async Task<IUserGroup> CreateReadonlyUserGroupAsync()
-    {
-        var userGroup = new UserGroup(ShortStringHelper)
-        {
-            Name = "Test",
-            Alias = "test",
-            Permissions = new HashSet<string> { ActionBrowse.ActionLetter },
-            HasAccessToAllLanguages = true,
-            StartContentId = -1,
-            StartMediaId = -1
-        };
-        userGroup.AddAllowedSection("content");
-        userGroup.AddAllowedSection("media");
-
-        var groupCreationResult = await UserGroupService.CreateAsync(userGroup, Constants.Security.SuperUserKey);
-        Assert.IsTrue(groupCreationResult.Success);
-        return groupCreationResult.Result;
-    }
-
-    private async Task<(IContentType contentType, ITemplate template)> CreateDocumentTypeAsync()
-    {
-        var userKey = Constants.Security.SuperUserKey;
-        var template = TemplateBuilder.CreateTextPageTemplate();
-        var templateAttempt = await TemplateService.CreateAsync(template, userKey);
-        Assert.IsTrue(templateAttempt.Success);
-
-        var contentTypeCreateModel = ContentTypeEditingBuilder.CreateSimpleContentType(defaultTemplateKey: template.Key);
-        var contentTypeAttempt = await ContentTypeEditingService.CreateAsync(contentTypeCreateModel, userKey);
-        Assert.IsTrue(contentTypeAttempt.Success);
-
-        return (contentTypeAttempt.Result!, templateAttempt.Result!);
-    }
-}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs
deleted file mode 100644
index b41ef5cbc8..0000000000
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Policies/UpdateDocumentTests.cs
+++ /dev/null
@@ -1,152 +0,0 @@
-using System.Linq.Expressions;
-using System.Net;
-using System.Text;
-using NUnit.Framework;
-using Umbraco.Cms.Api.Management.Controllers.Document;
-using Umbraco.Cms.Api.Management.ViewModels.Document;
-using Umbraco.Cms.Core;
-using Umbraco.Cms.Core.Actions;
-using Umbraco.Cms.Core.Models;
-using Umbraco.Cms.Core.Models.ContentEditing;
-using Umbraco.Cms.Core.Models.Membership;
-using Umbraco.Cms.Core.Serialization;
-using Umbraco.Cms.Core.Services;
-using Umbraco.Cms.Core.Services.ContentTypeEditing;
-using Umbraco.Cms.Core.Strings;
-using Umbraco.Cms.Tests.Common.Builders;
-using Umbraco.Cms.Tests.Common.TestHelpers;
-
-namespace Umbraco.Cms.Tests.Integration.ManagementApi.Policies;
-
-internal sealed class UpdateDocumentTests : ManagementApiTest<UpdateDocumentController>
-{
-    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
-
-    private IShortStringHelper ShortStringHelper => GetRequiredService<IShortStringHelper>();
-
-    private IJsonSerializer JsonSerializer => GetRequiredService<IJsonSerializer>();
-
-    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
-
-    private IContentTypeEditingService ContentTypeEditingService => GetRequiredService<IContentTypeEditingService>();
-
-    private IContentEditingService ContentEditingService => GetRequiredService<IContentEditingService>();
-
-    private IContentPublishingService ContentPublishingService => GetRequiredService<IContentPublishingService>();
-
-    private IContentService ContentService => GetRequiredService<IContentService>();
-
-    protected override Expression<Func<UpdateDocumentController, object>> MethodSelector =>
-        x => x.Update(CancellationToken.None, Guid.Empty, null!);
-
-    [Test]
-    public async Task UserWithoutPermissionCannotUpdate()
-    {
-        var userGroup = new UserGroup(ShortStringHelper)
-        {
-            Name = "Test",
-            Alias = "test",
-            Permissions = new HashSet<string> { ActionBrowse.ActionLetter },
-            HasAccessToAllLanguages = true,
-            StartContentId = -1,
-            StartMediaId = -1
-        };
-        userGroup.AddAllowedSection("content");
-        userGroup.AddAllowedSection("media");
-
-        var groupCreationResult = await UserGroupService.CreateAsync(userGroup, Constants.Security.SuperUserKey);
-        Assert.IsTrue(groupCreationResult.Success);
-
-        await AuthenticateClientAsync(Client, async userService =>
-        {
-            var email = "test@test.com";
-            var testUserCreateModel = new UserCreateModel
-            {
-                Email = email,
-                Name = "Test Mc.Gee",
-                UserName = email,
-                UserGroupKeys = new HashSet<Guid> { groupCreationResult.Result.Key },
-            };
-
-            var userCreationResult =
-                await userService.CreateAsync(Constants.Security.SuperUserKey, testUserCreateModel, true);
-
-            Assert.IsTrue(userCreationResult.Success);
-
-            return (userCreationResult.Result.CreatedUser, "1234567890");
-        });
-
-        const string UpdatedName = "NewName";
-
-        var model = await CreateContent();
-        var updateRequestModel = CreateRequestModel(model, UpdatedName);
-
-        var response = await GetManagementApiResponse(model, updateRequestModel);
-
-        AssertResponse(response, model, HttpStatusCode.Forbidden, model.Variants.Single().Name);
-    }
-
-    [Test]
-    public async Task UserWithPermissionCanUpdate()
-    {
-        // "Default" version creates an editor that has permission to update content.
-        await AuthenticateClientAsync(Client, "editor@editor.com", "1234567890", false);
-
-        const string UpdatedName = "NewName";
-
-        var model = await CreateContent();
-        var updateRequestModel = CreateRequestModel(model, UpdatedName);
-
-        var response = await GetManagementApiResponse(model, updateRequestModel);
-
-        AssertResponse(response, model, HttpStatusCode.OK, UpdatedName);
-    }
-
-    private async Task<ContentCreateModel> CreateContent()
-    {
-        var userKey = Constants.Security.SuperUserKey;
-        var template = TemplateBuilder.CreateTextPageTemplate();
-        var templateAttempt = await TemplateService.CreateAsync(template, userKey);
-        Assert.IsTrue(templateAttempt.Success);
-
-        var contentTypeCreateModel = ContentTypeEditingBuilder.CreateSimpleContentType(defaultTemplateKey: template.Key);
-        var contentTypeAttempt = await ContentTypeEditingService.CreateAsync(contentTypeCreateModel, userKey);
-        Assert.IsTrue(contentTypeAttempt.Success);
-
-        var textPage = ContentEditingBuilder.CreateSimpleContent(contentTypeAttempt.Result.Key);
-        textPage.TemplateKey = templateAttempt.Result.Key;
-        textPage.Key = Guid.NewGuid();
-        var createContentResult = await ContentEditingService.CreateAsync(textPage, userKey);
-        Assert.IsTrue(createContentResult.Success);
-
-        var publishResult = await ContentPublishingService.PublishAsync(
-            createContentResult.Result.Content!.Key,
-            [new() { Culture = "*" }],
-            userKey);
-
-        Assert.IsTrue(publishResult.Success);
-        return textPage;
-    }
-
-    private static UpdateDocumentRequestModel CreateRequestModel(ContentCreateModel model, string name)
-    {
-        var updateRequestModel = DocumentUpdateHelper.CreateInvariantDocumentUpdateRequestModel(model);
-        updateRequestModel.Variants.First().Name = name;
-        return updateRequestModel;
-    }
-
-    private async Task<HttpResponseMessage> GetManagementApiResponse(ContentCreateModel model, UpdateDocumentRequestModel updateRequestModel)
-    {
-        var url = GetManagementApiUrl<UpdateDocumentController>(x => x.Update(CancellationToken.None, model.Key!.Value, null));
-        var requestBody = new StringContent(JsonSerializer.Serialize(updateRequestModel), Encoding.UTF8, "application/json");
-        return await Client.PutAsync(url, requestBody);
-    }
-
-    private void AssertResponse(HttpResponseMessage response, ContentCreateModel model, HttpStatusCode expectedStatusCode, string expectedContentName)
-    {
-        Assert.That(response.StatusCode, Is.EqualTo(expectedStatusCode));
-        var content = ContentService.GetById(model.Key!.Value);
-        Assert.IsNotNull(content);
-        Assert.That(content.Name, Is.EqualTo(expectedContentName));
-    }
-}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewControllerTests.cs
new file mode 100644
index 0000000000..e01a4acd76
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Preview;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Preview;
+
+public class EndPreviewControllerTests : ManagementApiUserGroupTestBase<EndPreviewController>
+{
+    protected override Expression<Func<EndPreviewController, object>> MethodSelector =>
+        x => x.End(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs
deleted file mode 100644
index ad37b208a6..0000000000
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EndPreviewTests.cs
+++ /dev/null
@@ -1,27 +0,0 @@
-using System.Linq.Expressions;
-using System.Net;
-using NUnit.Framework;
-using Umbraco.Cms.Api.Management.Controllers.Preview;
-using Umbraco.Cms.Core;
-
-namespace Umbraco.Cms.Tests.Integration.ManagementApi.Preview;
-
-internal sealed class EndPreviewTests : ManagementApiTest<EndPreviewController>
-{
-    protected override Expression<Func<EndPreviewController, object>> MethodSelector =>
-        x => x.End(CancellationToken.None);
-
-
-    [Test]
-    public async Task As_Anonymous_I_Can_End_Preview_Mode()
-    {
-        var response = await Client.DeleteAsync(Url);
-
-        // Check if the set cookie header is sent
-        var doesHeaderExist = response.Headers.TryGetValues("Set-Cookie", out var setCookieValues) &&
-                              setCookieValues.Any(value => value.Contains($"{Constants.Web.PreviewCookieName}=; expires"));
-
-        Assert.IsTrue(doesHeaderExist);
-        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode,  await response.Content.ReadAsStringAsync());
-    }
-}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewControllerTests.cs
new file mode 100644
index 0000000000..bfe8d9dfa2
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Preview;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Preview;
+
+public class EnterPreviewControllerTests : ManagementApiUserGroupTestBase<EnterPreviewController>
+{
+    protected override Expression<Func<EnterPreviewController, object>> MethodSelector =>
+        x => x.Enter(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs
deleted file mode 100644
index c95474689c..0000000000
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Preview/EnterPreviewTests.cs
+++ /dev/null
@@ -1,29 +0,0 @@
-using System.Linq.Expressions;
-using System.Net;
-using NUnit.Framework;
-using Umbraco.Cms.Api.Management.Controllers.Preview;
-using Umbraco.Cms.Core;
-
-namespace Umbraco.Cms.Tests.Integration.ManagementApi.Preview;
-
-internal sealed class EnterPreviewTests : ManagementApiTest<EnterPreviewController>
-{
-    protected override Expression<Func<EnterPreviewController, object>> MethodSelector =>
-        x => x.Enter(CancellationToken.None);
-
-
-    [Test]
-    public async Task As_Editor_I_Can_Enter_Preview_Mode()
-    {
-        await AuthenticateClientAsync(Client, "admin@umbraco.com", "1234567890", false);
-
-        var response = await Client.PostAsync(Url, null);
-
-        // Check if the set cookie header is sent
-        var doesHeaderExist = response.Headers.TryGetValues("Set-Cookie", out var setCookieValues) &&
-            setCookieValues.Any(value => value.Contains($"{Constants.Web.PreviewCookieName}=") && value.Contains("path=/") && value.Contains("httponly"));
-
-        Assert.IsTrue(doesHeaderExist);
-        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode,  await response.Content.ReadAsStringAsync());
-    }
-}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/GetStatusProfilingControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/GetStatusProfilingControllerTests.cs
new file mode 100644
index 0000000000..82a703f733
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/GetStatusProfilingControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Profiling;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Profiling;
+
+public class GetStatusProfilingControllerTests : ManagementApiUserGroupTestBase<GetStatusProfilingController>
+{
+    protected override Expression<Func<GetStatusProfilingController, object>> MethodSelector =>
+        x => x.Status(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/UpdateStatusProfilingControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/UpdateStatusProfilingControllerTests.cs
new file mode 100644
index 0000000000..864a0b4c8d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Profiling/UpdateStatusProfilingControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Profiling;
+using Umbraco.Cms.Api.Management.ViewModels.Profiling;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Profiling;
+
+public class UpdateStatusProfilingControllerTests : ManagementApiUserGroupTestBase<UpdateStatusProfilingController>
+{
+    protected override Expression<Func<UpdateStatusProfilingController, object>> MethodSelector =>
+        x => x.Status(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ProfilingStatusRequestModel profilingStatusRequestModel = new ProfilingStatusRequestModel(true);
+
+        return await Client.PutAsync(Url, JsonContent.Create(profilingStatusRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PropertyType/IsUsedPropertyTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PropertyType/IsUsedPropertyTypeControllerTests.cs
new file mode 100644
index 0000000000..f9a7016019
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PropertyType/IsUsedPropertyTypeControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.PropertyType;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PropertyType;
+
+public class IsUsedPropertyTypeControllerTests : ManagementApiUserGroupTestBase<IsUsedPropertyTypeController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private IContentTypeService ContentTypeService => GetRequiredService<IContentTypeService>();
+
+    private Guid _contentTypeKey;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        // Template
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+
+        // Content Type
+        IContentType contentType = ContentTypeBuilder.CreateTextPageContentType(defaultTemplateId: template.Id, name: Guid.NewGuid().ToString(), alias: Guid.NewGuid().ToString());
+        contentType.AllowedAsRoot = true;
+        await ContentTypeService.CreateAsync(contentType, Constants.Security.SuperUserKey);
+        _contentTypeKey = contentType.Key;
+    }
+
+    protected override Expression<Func<IsUsedPropertyTypeController, object>> MethodSelector =>
+        x => x.Get(CancellationToken.None, _contentTypeKey, Constants.PropertyEditors.Aliases.RichText);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/RebuildPublishedCacheControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/RebuildPublishedCacheControllerTests.cs
new file mode 100644
index 0000000000..1ef51c4c54
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/RebuildPublishedCacheControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.PublishedCache;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PublishedCache;
+
+public class RebuildPublishedCacheControllerTests : ManagementApiUserGroupTestBase<RebuildPublishedCacheController>
+{
+    protected override Expression<Func<RebuildPublishedCacheController, object>> MethodSelector =>
+        x => x.Rebuild(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/ReloadPublishedCacheControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/ReloadPublishedCacheControllerTests.cs
new file mode 100644
index 0000000000..5926613111
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/PublishedCache/ReloadPublishedCacheControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.PublishedCache;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.PublishedCache;
+
+public class ReloadPublishedCacheControllerTests : ManagementApiUserGroupTestBase<ReloadPublishedCacheController>
+{
+    protected override Expression<Func<ReloadPublishedCacheController, object>> MethodSelector =>
+        x => x.Reload(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/ByKeyRedirectUrlManagementControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/ByKeyRedirectUrlManagementControllerTests.cs
new file mode 100644
index 0000000000..84596bdeac
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/ByKeyRedirectUrlManagementControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RedirectUrlManagement;
+
+public class ByKeyRedirectUrlManagementControllerTests : ManagementApiUserGroupTestBase<ByKeyRedirectUrlManagementController>
+{
+    protected override Expression<Func<ByKeyRedirectUrlManagementController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, Guid.NewGuid(), 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/DeleteByKeyRedirectUrlManagementControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/DeleteByKeyRedirectUrlManagementControllerTests.cs
new file mode 100644
index 0000000000..b93fafc8c8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/DeleteByKeyRedirectUrlManagementControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RedirectUrlManagement;
+
+public class DeleteByKeyRedirectUrlManagementControllerTests : ManagementApiUserGroupTestBase<DeleteByKeyRedirectUrlManagementController>
+{
+    protected override Expression<Func<DeleteByKeyRedirectUrlManagementController, object>> MethodSelector =>
+        x => x.DeleteByKey(CancellationToken.None, Guid.NewGuid());
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetAllRedirectUrlManagementControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetAllRedirectUrlManagementControllerTests.cs
new file mode 100644
index 0000000000..cfcbbfffb8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetAllRedirectUrlManagementControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RedirectUrlManagement;
+
+public class GetAllRedirectUrlManagementControllerTests : ManagementApiUserGroupTestBase<GetAllRedirectUrlManagementController>
+{
+    protected override Expression<Func<GetAllRedirectUrlManagementController, object>> MethodSelector =>
+        x => x.GetAll(CancellationToken.None, "test", 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetStatusRedirectUrlManagementControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetStatusRedirectUrlManagementControllerTests.cs
new file mode 100644
index 0000000000..faa2a7d909
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/GetStatusRedirectUrlManagementControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RedirectUrlManagement;
+
+public class GetStatusRedirectUrlManagementControllerTests : ManagementApiUserGroupTestBase<GetStatusRedirectUrlManagementController>
+{
+    protected override Expression<Func<GetStatusRedirectUrlManagementController, object>> MethodSelector =>
+        x => x.GetStatus(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/SetStatusRedirectUrlManagementControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/SetStatusRedirectUrlManagementControllerTests.cs
new file mode 100644
index 0000000000..7778937ce8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RedirectUrlManagement/SetStatusRedirectUrlManagementControllerTests.cs
@@ -0,0 +1,44 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RedirectUrlManagement;
+using Umbraco.Cms.Core.Models.RedirectUrlManagement;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RedirectUrlManagement;
+
+public class SetStatusRedirectUrlManagementControllerTests : ManagementApiUserGroupTestBase<SetStatusRedirectUrlManagementController>
+{
+    protected override Expression<Func<SetStatusRedirectUrlManagementController, object>> MethodSelector =>
+        x => x.SetStatus(CancellationToken.None, RedirectStatus.Enabled);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Relation/ByRelationTypeKeyRelationControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Relation/ByRelationTypeKeyRelationControllerTests.cs
new file mode 100644
index 0000000000..6b05e27a90
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Relation/ByRelationTypeKeyRelationControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Relation;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Relation;
+
+public class ByRelationTypeKeyRelationControllerTests : ManagementApiUserGroupTestBase<ByRelationTypeKeyRelationController>
+{
+    protected override Expression<Func<ByRelationTypeKeyRelationController, object>> MethodSelector =>
+        x => x.ByRelationTypeKey(CancellationToken.None, Guid.NewGuid(), 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/ByKeyRelationTypeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/ByKeyRelationTypeControllerTests.cs
new file mode 100644
index 0000000000..caa60e4abf
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/ByKeyRelationTypeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RelationType;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RelationType;
+
+public class ByKeyRelationTypeControllerTests : ManagementApiUserGroupTestBase<ByKeyRelationTypeController>
+{
+    protected override Expression<Func<ByKeyRelationTypeController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, Guid.NewGuid());
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/Item/ItemRelationTypeItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/Item/ItemRelationTypeItemControllerTests.cs
new file mode 100644
index 0000000000..5c0553ed96
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/RelationType/Item/ItemRelationTypeItemControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.RelationType.Item;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.RelationType.Item;
+
+public class ItemRelationTypeItemControllerTests : ManagementApiUserGroupTestBase<ItemRelationTypeItemController>
+{
+    protected override Expression<Func<ItemRelationTypeItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { Guid.NewGuid() });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/ByPathScriptControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/ByPathScriptControllerTests.cs
new file mode 100644
index 0000000000..460acd86f9
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/ByPathScriptControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script;
+
+public class ByPathScriptControllerTests : ManagementApiUserGroupTestBase<ByPathScriptController>
+{
+    private IScriptService ScriptService => GetRequiredService<IScriptService>();
+
+    private string _scriptPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptCreateModel() { Name = Guid.NewGuid() + ".js" };
+        var response = await ScriptService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _scriptPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathScriptController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _scriptPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/CreateScriptControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/CreateScriptControllerTests.cs
new file mode 100644
index 0000000000..af0d043290
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/CreateScriptControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Script;
+using Umbraco.Cms.Api.Management.ViewModels.Script;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script;
+
+public class CreateScriptControllerTests : ManagementApiUserGroupTestBase<CreateScriptController>
+{
+    protected override Expression<Func<CreateScriptController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateScriptRequestModel createScriptRequestModel = new()
+        {
+            Name = Guid.NewGuid() + ".js",
+            Content = "empty",
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createScriptRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/DeleteScriptControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/DeleteScriptControllerTests.cs
new file mode 100644
index 0000000000..eecb2a6a4d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/DeleteScriptControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script;
+
+public class DeleteScriptControllerTests : ManagementApiUserGroupTestBase<DeleteScriptController>
+{
+    private IScriptService ScriptService => GetRequiredService<IScriptService>();
+
+    private string _scriptPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptCreateModel() { Name = Guid.NewGuid() + ".js" };
+        var response = await ScriptService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _scriptPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeleteScriptController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _scriptPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/ByPathScriptFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/ByPathScriptFolderControllerTests.cs
new file mode 100644
index 0000000000..637248839d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/ByPathScriptFolderControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Folder;
+
+public class ByPathScriptFolderControllerTests : ManagementApiUserGroupTestBase<ByPathScriptFolderController>
+{
+    private IScriptFolderService ScriptFolderService => GetRequiredService<IScriptFolderService>();
+
+    private string _scriptFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptFolderCreateModel() { Name = Guid.NewGuid().ToString() };
+        var response = await ScriptFolderService.CreateAsync(model);
+        _scriptFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathScriptFolderController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _scriptFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/CreateScriptFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/CreateScriptFolderControllerTests.cs
new file mode 100644
index 0000000000..e08dbd1a96
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/CreateScriptFolderControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Script.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Script.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Folder;
+
+public class CreateScriptFolderControllerTests : ManagementApiUserGroupTestBase<CreateScriptFolderController>
+{
+    protected override Expression<Func<CreateScriptFolderController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateScriptFolderRequestModel createScriptFolderRequestModel = new() { Name = Guid.NewGuid().ToString() };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createScriptFolderRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/DeleteScriptFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/DeleteScriptFolderControllerTests.cs
new file mode 100644
index 0000000000..174a33dbfc
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Folder/DeleteScriptFolderControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Folder;
+
+public class DeleteScriptFolderControllerTests : ManagementApiUserGroupTestBase<DeleteScriptFolderController>
+{
+    private IScriptFolderService ScriptFolderService => GetRequiredService<IScriptFolderService>();
+
+    private string _scriptFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptFolderCreateModel() { Name = Guid.NewGuid().ToString() };
+        var response = await ScriptFolderService.CreateAsync(model);
+        _scriptFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeleteScriptFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _scriptFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Item/ItemScriptItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Item/ItemScriptItemControllerTests.cs
new file mode 100644
index 0000000000..e0f34058b7
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Item/ItemScriptItemControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script.Item;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Item;
+
+public class ItemScriptItemControllerTests : ManagementApiUserGroupTestBase<ItemScriptItemController>
+{
+    private IScriptFolderService ScriptFolderService => GetRequiredService<IScriptFolderService>();
+
+    private string _scriptFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptFolderCreateModel() { Name = Guid.NewGuid().ToString() };
+        var response = await ScriptFolderService.CreateAsync(model);
+        _scriptFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ItemScriptItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<string> { _scriptFolderPath });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/ChildrenScriptTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/ChildrenScriptTreeControllerTests.cs
new file mode 100644
index 0000000000..2c61703ab1
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/ChildrenScriptTreeControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Tree;
+
+public class ChildrenScriptTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenScriptTreeController>
+{
+    private IScriptFolderService ScriptFolderService => GetRequiredService<IScriptFolderService>();
+
+    private IScriptService ScriptService => GetRequiredService<IScriptService>();
+
+    private string _scriptFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Script Folder
+        var folderModel = new ScriptFolderCreateModel() { Name = Guid.NewGuid().ToString() };
+        var responseFolder = await ScriptFolderService.CreateAsync(folderModel);
+        _scriptFolderPath = responseFolder.Result.Path;
+
+        // Script
+        var model = new ScriptCreateModel() { Name = Guid.NewGuid() + ".js", ParentPath = _scriptFolderPath };
+        await ScriptService.CreateAsync(model, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenScriptTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _scriptFolderPath, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/RootScriptTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/RootScriptTreeControllerTests.cs
new file mode 100644
index 0000000000..999f992187
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/Tree/RootScriptTreeControllerTests.cs
@@ -0,0 +1,53 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script.Tree;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script.Tree;
+
+public class RootScriptTreeControllerTests : ManagementApiUserGroupTestBase<RootScriptTreeController>
+{
+    private IScriptFolderService ScriptFolderService => GetRequiredService<IScriptFolderService>();
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptFolderCreateModel() { Name = Guid.NewGuid().ToString() };
+        await ScriptFolderService.CreateAsync(model);
+    }
+
+    protected override Expression<Func<RootScriptTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Script/UpdateScriptControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Script/UpdateScriptControllerTests.cs
new file mode 100644
index 0000000000..be343178f1
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Script/UpdateScriptControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Script;
+using Umbraco.Cms.Api.Management.ViewModels.Script;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Script;
+
+public class UpdateScriptControllerTests : ManagementApiUserGroupTestBase<UpdateScriptController>
+{
+    private IScriptService ScriptService => GetRequiredService<IScriptService>();
+
+    private string _scriptPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new ScriptCreateModel() { Name = Guid.NewGuid() + ".js" };
+        var response = await ScriptService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _scriptPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<UpdateScriptController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _scriptPath, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateScriptRequestModel updateScriptRequestModel = new() { Content = "TestUpdatedContent" };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateScriptRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/AllSearcherControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/AllSearcherControllerTests.cs
new file mode 100644
index 0000000000..3a686c251b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/AllSearcherControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Searcher;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Searcher;
+
+public class AllSearcherControllerTests : ManagementApiUserGroupTestBase<AllSearcherController>
+{
+    protected override Expression<Func<AllSearcherController, object>> MethodSelector =>
+        x => x.All(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/QuerySearcherControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/QuerySearcherControllerTests.cs
new file mode 100644
index 0000000000..ca76fbc5c5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Searcher/QuerySearcherControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Searcher;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Searcher;
+
+public class QuerySearcherControllerTests : ManagementApiUserGroupTestBase<QuerySearcherController>
+{
+    protected override Expression<Func<QuerySearcherController, object>> MethodSelector =>
+        x => x.Query(CancellationToken.None, "TestSearcherName", string.Empty, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Security/BackOfficeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Security/BackOfficeControllerTests.cs
new file mode 100644
index 0000000000..21a350adff
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Security/BackOfficeControllerTests.cs
@@ -0,0 +1,84 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Security;
+using Umbraco.Cms.Api.Management.ViewModels.Security;
+using Umbraco.Cms.Core;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Security;
+
+public class BackOfficeControllerTests : ManagementApiUserGroupTestBase<BackOfficeController>
+{
+    protected override Expression<Func<BackOfficeController, object>> MethodSelector =>
+        x => x.Login(CancellationToken.None, null);
+
+    // Admin
+    [Test]
+    public override async Task As_Admin_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.AdminGroupKey, "Admin");
+        UserEmail += "Admin";
+
+        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // Editor
+    [Test]
+    public override async Task As_Editor_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.EditorGroupKey, "Editor");
+        UserEmail += "Editor";
+
+        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // SensitiveData
+    [Test]
+    public override async Task As_Sensitive_Data_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.SensitiveDataGroupKey, "SensitiveData");
+        UserEmail += "SensitiveData";
+
+        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // Translator
+    [Test]
+    public override async Task As_Translator_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.TranslatorGroupKey, "Translator");
+        UserEmail += "Translator";
+
+        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // Writer
+    [Test]
+    public override async Task As_Writer_I_Have_Specified_Access()
+    {
+        var response = await AuthorizedRequest(Constants.Security.WriterGroupKey, "Writer");
+        UserEmail += "Writer";
+
+        Assert.AreEqual(HttpStatusCode.OK, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    // Unauthorized
+    [Test]
+    public override async Task As_Unauthorized_I_Have_Specified_Access()
+    {
+        var response = await ClientRequest();
+
+        Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, await response.Content.ReadAsStringAsync());
+    }
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        LoginRequestModel loginRequestModel = new() { Username = UserEmail, Password = UserPassword };
+
+        return await Client.PostAsync(Url, JsonContent.Create(loginRequestModel));
+    }
+
+    protected override async Task AuthenticateUser(Guid userGroupKey, string groupName) =>
+        await AuthenticateClientAsync(Client, UserEmail, UserPassword, userGroupKey);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordControllerTests.cs
new file mode 100644
index 0000000000..03fdeaf150
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Security;
+using Umbraco.Cms.Api.Management.ViewModels.Security;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Security;
+
+public class ResetPasswordControllerTests : ManagementApiUserGroupTestBase<ResetPasswordController>
+{
+    protected override Expression<Func<ResetPasswordController, object>> MethodSelector => x => x.RequestPasswordReset(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ResetPasswordRequestModel resetPasswordRequestModel = new() { Email = UserEmail };
+
+        return await Client.PostAsync(Url, JsonContent.Create(resetPasswordRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordTokenControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordTokenControllerTests.cs
new file mode 100644
index 0000000000..a26aa60785
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Security/ResetPasswordTokenControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Security;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Security;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Security;
+
+public class ResetPasswordTokenControllerTests : ManagementApiUserGroupTestBase<ResetPasswordTokenController>
+{
+    protected override Expression<Func<ResetPasswordTokenController, object>> MethodSelector =>
+        x => x.ResetPasswordToken(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ResetPasswordTokenRequestModel resetPasswordTokenRequestModel = new() { User = new ReferenceByIdModel(Guid.NewGuid()), Password = "0123456789", ResetCode = "test" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(resetPasswordTokenRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Security/VerifyResetPasswordTokenControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Security/VerifyResetPasswordTokenControllerTests.cs
new file mode 100644
index 0000000000..5797c95d95
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Security/VerifyResetPasswordTokenControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Security;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.Security;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Security;
+
+public class VerifyResetPasswordTokenControllerTests : ManagementApiUserGroupTestBase<VerifyResetPasswordTokenController>
+{
+    protected override Expression<Func<VerifyResetPasswordTokenController, object>> MethodSelector =>
+        x => x.VerifyResetPasswordToken(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        VerifyResetPasswordTokenRequestModel verifyResetPasswordTokenRequestModel = new() { User = new ReferenceByIdModel(Guid.NewGuid()), ResetCode = "test" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(verifyResetPasswordTokenRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Server/StatusServerControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Server/StatusServerControllerTests.cs
new file mode 100644
index 0000000000..12c321c491
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Server/StatusServerControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Server;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Server;
+
+public class StatusServerControllerTests : ManagementApiUserGroupTestBase<StatusServerController>
+{
+    protected override Expression<Func<StatusServerController, object>> MethodSelector =>
+        x => x.Get(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceMediaTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceMediaTests.cs
index 44a27bd7fb..241dd1b604 100644
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceMediaTests.cs
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceMediaTests.cs
@@ -116,7 +116,7 @@ public partial class UserStartNodeEntitiesServiceMediaTests : UmbracoIntegration
         return mediaStartNodeIds;
     }
 
-    private async Task<User> CreateUser(int[] startNodeIds)
+    private async Task<Core.Models.Membership.User> CreateUser(int[] startNodeIds)
     {
         var user = new UserBuilder()
             .WithName(Guid.NewGuid().ToString("N"))
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceTests.cs
index 761c56ce13..e7ad544af6 100644
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceTests.cs
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Services/UserStartNodeEntitiesServiceTests.cs
@@ -116,7 +116,7 @@ public partial class UserStartNodeEntitiesServiceTests : UmbracoIntegrationTest
         return contentStartNodeIds;
     }
 
-    private async Task<User> CreateUser(int[] startNodeIds)
+    private async Task<Core.Models.Membership.User> CreateUser(int[] startNodeIds)
     {
         var user = new UserBuilder()
             .WithName(Guid.NewGuid().ToString("N"))
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Item/ItemStaticFileItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Item/ItemStaticFileItemControllerTests.cs
new file mode 100644
index 0000000000..1c954d739f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Item/ItemStaticFileItemControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.StaticFile.Item;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.StaticFile.Item;
+
+public class ItemStaticFileItemControllerTests : ManagementApiUserGroupTestBase<ItemStaticFileItemController>
+{
+    protected override Expression<Func<ItemStaticFileItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<string> { "wwwroot" });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/ChildrenStaticFileTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/ChildrenStaticFileTreeControllerTests.cs
new file mode 100644
index 0000000000..5f12057bcf
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/ChildrenStaticFileTreeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.StaticFile.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.StaticFile.Tree;
+
+public class ChildrenStaticFileTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenStaticFileTreeController>
+{
+    protected override Expression<Func<ChildrenStaticFileTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, "wwwroot", 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/RootStaticFileTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/RootStaticFileTreeControllerTests.cs
new file mode 100644
index 0000000000..305ae6fd74
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/StaticFile/Tree/RootStaticFileTreeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.StaticFile.Tree;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.StaticFile.Tree;
+
+public class RootStaticFileTreeControllerTests : ManagementApiUserGroupTestBase<RootStaticFileTreeController>
+{
+    protected override Expression<Func<RootStaticFileTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/ByPathStylesheetControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/ByPathStylesheetControllerTests.cs
new file mode 100644
index 0000000000..ee0091d5f2
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/ByPathStylesheetControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet;
+
+public class ByPathStylesheetControllerTests : ManagementApiUserGroupTestBase<ByPathStylesheetController>
+{
+    private IStylesheetService StylesheetService => GetRequiredService<IStylesheetService>();
+
+    private string _stylesheetPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetCreateModel { Name = Guid.NewGuid() + ".css" };
+        var response = await StylesheetService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _stylesheetPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathStylesheetController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _stylesheetPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/CreateStylesheetControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/CreateStylesheetControllerTests.cs
new file mode 100644
index 0000000000..651d8dd68a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/CreateStylesheetControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet;
+using Umbraco.Cms.Api.Management.ViewModels.Stylesheet;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet;
+
+public class CreateStylesheetControllerTests : ManagementApiUserGroupTestBase<CreateStylesheetController>
+{
+    protected override Expression<Func<CreateStylesheetController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateStylesheetRequestModel createStylesheetRequestModel = new() { Name = Guid.NewGuid() + ".css", Content = "test content" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createStylesheetRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/DeleteStylesheetControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/DeleteStylesheetControllerTests.cs
new file mode 100644
index 0000000000..ff04fdbf39
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/DeleteStylesheetControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet;
+
+public class DeleteStylesheetControllerTests : ManagementApiUserGroupTestBase<DeleteStylesheetController>
+{
+    private IStylesheetService StylesheetService => GetRequiredService<IStylesheetService>();
+
+    private string _stylesheetPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetCreateModel { Name = Guid.NewGuid() + ".css" };
+        var response = await StylesheetService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _stylesheetPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeleteStylesheetController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _stylesheetPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/ByPathStylesheetFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/ByPathStylesheetFolderControllerTests.cs
new file mode 100644
index 0000000000..ef3b75d197
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/ByPathStylesheetFolderControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Folder;
+
+public class ByPathStylesheetFolderControllerTests : ManagementApiUserGroupTestBase<ByPathStylesheetFolderController>
+{
+    private IStylesheetFolderService StylesheetFolderService => GetRequiredService<IStylesheetFolderService>();
+
+    private string _stylesheetFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await StylesheetFolderService.CreateAsync(model);
+        _stylesheetFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ByPathStylesheetFolderController, object>> MethodSelector =>
+        x => x.ByPath(CancellationToken.None, _stylesheetFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/CreateStylesheetFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/CreateStylesheetFolderControllerTests.cs
new file mode 100644
index 0000000000..b91c1f8092
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/CreateStylesheetFolderControllerTests.cs
@@ -0,0 +1,50 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Folder;
+using Umbraco.Cms.Api.Management.ViewModels.Stylesheet.Folder;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Folder;
+
+public class CreateStylesheetFolderControllerTests : ManagementApiUserGroupTestBase<CreateStylesheetFolderController>
+{
+    protected override Expression<Func<CreateStylesheetFolderController, object>> MethodSelector =>
+        x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateStylesheetFolderRequestModel createStylesheetFolderRequestModel = new() { Name = Guid.NewGuid().ToString() };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createStylesheetFolderRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/DeleteStylesheetFolderControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/DeleteStylesheetFolderControllerTests.cs
new file mode 100644
index 0000000000..5fb82a1e24
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Folder/DeleteStylesheetFolderControllerTests.cs
@@ -0,0 +1,58 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Folder;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Folder;
+
+public class DeleteStylesheetFolderControllerTests : ManagementApiUserGroupTestBase<DeleteStylesheetFolderController>
+{
+    private IStylesheetFolderService StylesheetFolderService => GetRequiredService<IStylesheetFolderService>();
+
+    private string _stylesheetFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await StylesheetFolderService.CreateAsync(model);
+        _stylesheetFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<DeleteStylesheetFolderController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _stylesheetFolderPath);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Item/ItemStylesheetItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Item/ItemStylesheetItemControllerTests.cs
new file mode 100644
index 0000000000..179334238b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Item/ItemStylesheetItemControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Item;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Item;
+
+public class ItemStylesheetItemControllerTests : ManagementApiUserGroupTestBase<ItemStylesheetItemController>
+{
+    private IStylesheetFolderService StylesheetFolderService => GetRequiredService<IStylesheetFolderService>();
+
+    private string _stylesheetFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await StylesheetFolderService.CreateAsync(model);
+        _stylesheetFolderPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<ItemStylesheetItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<string> { _stylesheetFolderPath });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/ChildrenStylesheetTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/ChildrenStylesheetTreeControllerTests.cs
new file mode 100644
index 0000000000..d933f20970
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/ChildrenStylesheetTreeControllerTests.cs
@@ -0,0 +1,66 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Tree;
+
+public class ChildrenStylesheetTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenStylesheetTreeController>
+{
+    private IStylesheetFolderService StylesheetFolderService => GetRequiredService<IStylesheetFolderService>();
+
+    private IStylesheetService StylesheetService => GetRequiredService<IStylesheetService>();
+
+    private string _stylesheetFolderPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Stylesheet Folder
+        var model = new StylesheetFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        var response = await StylesheetFolderService.CreateAsync(model);
+        _stylesheetFolderPath = response.Result.Path;
+
+        // Stylesheet
+        var modelStylesheet = new StylesheetCreateModel { Name = Guid.NewGuid() + ".css" };
+        await StylesheetService.CreateAsync(modelStylesheet, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenStylesheetTreeController, object>> MethodSelector =>
+        x => x.Children(CancellationToken.None, _stylesheetFolderPath, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/RootStylesheetTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/RootStylesheetTreeControllerTests.cs
new file mode 100644
index 0000000000..829fa644ce
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/Tree/RootStylesheetTreeControllerTests.cs
@@ -0,0 +1,54 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet.Tree;
+using Umbraco.Cms.Core.Models.FileSystem;
+using Umbraco.Cms.Core.Services.FileSystem;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet.Tree;
+
+public class RootStylesheetTreeControllerTests : ManagementApiUserGroupTestBase<RootStylesheetTreeController>
+{
+    private IStylesheetFolderService StylesheetFolderService => GetRequiredService<IStylesheetFolderService>();
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Stylesheet Folder
+        var model = new StylesheetFolderCreateModel { Name = Guid.NewGuid().ToString() };
+        await StylesheetFolderService.CreateAsync(model);
+    }
+
+    protected override Expression<Func<RootStylesheetTreeController, object>> MethodSelector =>
+        x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/UpdateStylesheetControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/UpdateStylesheetControllerTests.cs
new file mode 100644
index 0000000000..601c4be5c8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Stylesheet/UpdateStylesheetControllerTests.cs
@@ -0,0 +1,69 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Stylesheet;
+using Umbraco.Cms.Api.Management.ViewModels.Stylesheet;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Stylesheet;
+
+public class UpdateStylesheetControllerTests : ManagementApiUserGroupTestBase<UpdateStylesheetController>
+{
+    private IStylesheetService StylesheetService => GetRequiredService<IStylesheetService>();
+
+    private string _stylesheetPath;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var model = new StylesheetCreateModel { Name = Guid.NewGuid() + ".css" };
+        var response = await StylesheetService.CreateAsync(model, Constants.Security.SuperUserKey);
+        _stylesheetPath = response.Result.Path;
+    }
+
+    protected override Expression<Func<UpdateStylesheetController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, _stylesheetPath, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateStylesheetRequestModel requestModel = new()
+        {
+            Content = "test content",
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(requestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Tag/ByQueryTagControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Tag/ByQueryTagControllerTests.cs
new file mode 100644
index 0000000000..9805f0a45f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Tag/ByQueryTagControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Tag;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Tag;
+
+public class ByQueryTagControllerTests : ManagementApiUserGroupTestBase<ByQueryTagController>
+{
+    protected override Expression<Func<ByQueryTagController, object>> MethodSelector =>
+        x => x.ByQuery(CancellationToken.None, string.Empty, string.Empty, string.Empty, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/AllTelemetryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/AllTelemetryControllerTests.cs
new file mode 100644
index 0000000000..0362878c84
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/AllTelemetryControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Telemetry;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Telemetry;
+
+public class AllTelemetryControllerTests : ManagementApiUserGroupTestBase<AllTelemetryController>
+{
+    protected override Expression<Func<AllTelemetryController, object>> MethodSelector =>
+        x => x.GetAll(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/GetTelemetryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/GetTelemetryControllerTests.cs
new file mode 100644
index 0000000000..db8b6f43e6
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/GetTelemetryControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Telemetry;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Telemetry;
+
+public class GetTelemetryControllerTests : ManagementApiUserGroupTestBase<GetTelemetryController>
+{
+    protected override Expression<Func<GetTelemetryController, object>> MethodSelector =>
+        x => x.Get(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/SetTelemetryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/SetTelemetryControllerTests.cs
new file mode 100644
index 0000000000..af1ed46a7f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Telemetry/SetTelemetryControllerTests.cs
@@ -0,0 +1,51 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Telemetry;
+using Umbraco.Cms.Api.Management.ViewModels.Telemetry;
+using Umbraco.Cms.Core.Models;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Telemetry;
+
+public class SetTelemetryControllerTests : ManagementApiUserGroupTestBase<SetTelemetryController>
+{
+    protected override Expression<Func<SetTelemetryController, object>> MethodSelector =>
+        x => x.SetConsentLevel(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        TelemetryRequestModel telemetryRequestModel = new() { TelemetryLevel = TelemetryLevel.Minimal };
+
+        return await Client.PostAsync(Url, JsonContent.Create(telemetryRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/ByKeyTemplateControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/ByKeyTemplateControllerTests.cs
new file mode 100644
index 0000000000..4885a536b7
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/ByKeyTemplateControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Template;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template;
+
+public class ByKeyTemplateControllerTests : ManagementApiUserGroupTestBase<ByKeyTemplateController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private Guid _templateKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        var response = await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+        _templateKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ByKeyTemplateController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _templateKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/CreateTemplateControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/CreateTemplateControllerTests.cs
new file mode 100644
index 0000000000..42306df4d8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/CreateTemplateControllerTests.cs
@@ -0,0 +1,52 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Template;
+using Umbraco.Cms.Api.Management.ViewModels.Template;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template;
+
+public class CreateTemplateControllerTests : ManagementApiUserGroupTestBase<CreateTemplateController>
+{
+    protected override Expression<Func<CreateTemplateController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateTemplateRequestModel createTemplateModel = new()
+        {
+            Name = Guid.NewGuid().ToString(), Alias = Guid.NewGuid().ToString(), Content = "<h1>Test Template</h1>"
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createTemplateModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/DeleteTemplateControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/DeleteTemplateControllerTests.cs
new file mode 100644
index 0000000000..6082218ba9
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/DeleteTemplateControllerTests.cs
@@ -0,0 +1,42 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Template;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template;
+
+public class DeleteTemplateControllerTests : ManagementApiUserGroupTestBase<DeleteTemplateController>
+{
+    protected override Expression<Func<DeleteTemplateController, object>> MethodSelector => x => x.Delete(CancellationToken.None, Guid.Empty);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/Item/ItemTemplateItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Item/ItemTemplateItemControllerTests.cs
new file mode 100644
index 0000000000..f346f2f756
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Item/ItemTemplateItemControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Template.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template.Item;
+
+public class ItemTemplateItemControllerTests : ManagementApiUserGroupTestBase<ItemTemplateItemController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private Guid _templateKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        var response = await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+        _templateKey = response.Result.Key;
+    }
+
+    protected override Expression<Func<ItemTemplateItemController, object>> MethodSelector => x => x.Item(CancellationToken.None, new HashSet<Guid> { _templateKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/ExecuteTemplateQueryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/ExecuteTemplateQueryControllerTests.cs
new file mode 100644
index 0000000000..dde4895824
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/ExecuteTemplateQueryControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Template.Query;
+using Umbraco.Cms.Api.Management.ViewModels.Template.Query;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template.Query;
+
+public class ExecuteTemplateQueryControllerTests : ManagementApiUserGroupTestBase<ExecuteTemplateQueryController>
+{
+    protected override Expression<Func<ExecuteTemplateQueryController, object>> MethodSelector => x => x.Execute(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        TemplateQueryExecuteModel templateQueryExecuteModel = new() { Take = 10 };
+
+        return await Client.PostAsync(Url, JsonContent.Create(templateQueryExecuteModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/SettingsTemplateQueryControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/SettingsTemplateQueryControllerTests.cs
new file mode 100644
index 0000000000..935144549a
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Query/SettingsTemplateQueryControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Template.Query;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template.Query;
+
+public class SettingsTemplateQueryControllerTests : ManagementApiUserGroupTestBase<SettingsTemplateQueryController>
+{
+    protected override Expression<Func<SettingsTemplateQueryController, object>> MethodSelector => x => x.Settings(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/ChildrenTemplateTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/ChildrenTemplateTreeControllerTests.cs
new file mode 100644
index 0000000000..f25b920efd
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/ChildrenTemplateTreeControllerTests.cs
@@ -0,0 +1,63 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Template.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template.Tree;
+
+public class ChildrenTemplateTreeControllerTests : ManagementApiUserGroupTestBase<ChildrenTemplateTreeController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    private Guid _parentTemplateKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        // Parent Template
+        var parentTemplate = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        parentTemplate.IsMasterTemplate = true;
+        var responseParent = await TemplateService.CreateAsync(parentTemplate, Constants.Security.SuperUserKey);
+        _parentTemplateKey = responseParent.Result.Key;
+
+        // Child Template
+        var childTemplate = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        childTemplate.MasterTemplateAlias = parentTemplate.Alias;
+        await TemplateService.CreateAsync(childTemplate, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<ChildrenTemplateTreeController, object>> MethodSelector => x => x.Children(CancellationToken.None, _parentTemplateKey, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/RootTemplateTreeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/RootTemplateTreeControllerTests.cs
new file mode 100644
index 0000000000..018231137f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/Tree/RootTemplateTreeControllerTests.cs
@@ -0,0 +1,53 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.Template.Tree;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template.Tree;
+
+public class RootTemplateTreeControllerTests : ManagementApiUserGroupTestBase<RootTemplateTreeController>
+{
+    private ITemplateService TemplateService => GetRequiredService<ITemplateService>();
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var template = TemplateBuilder.CreateTextPageTemplate(Guid.NewGuid().ToString());
+        await TemplateService.CreateAsync(template, Constants.Security.SuperUserKey);
+    }
+
+    protected override Expression<Func<RootTemplateTreeController, object>> MethodSelector => x => x.Root(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Template/UpdateTemplateControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Template/UpdateTemplateControllerTests.cs
new file mode 100644
index 0000000000..9c50e2e63c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Template/UpdateTemplateControllerTests.cs
@@ -0,0 +1,53 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.Template;
+using Umbraco.Cms.Api.Management.ViewModels.Template;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Template;
+
+public class UpdateTemplateControllerTests : ManagementApiUserGroupTestBase<UpdateTemplateController>
+{
+    protected override Expression<Func<UpdateTemplateController, object>> MethodSelector =>
+        x => x.Update(CancellationToken.None, Guid.Empty, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateTemplateRequestModel updateTemplateModel = new()
+        {
+            Name = "UpdatedTestTemplate", Alias = "testTemplate", Content = "<h1>Test Template</h1>"
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateTemplateModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/ByKeyTemporaryFileControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/ByKeyTemporaryFileControllerTests.cs
new file mode 100644
index 0000000000..aeea6f53d5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/ByKeyTemporaryFileControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.TemporaryFile;
+using Umbraco.Cms.Core.Models.TemporaryFile;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.TemporaryFile;
+
+public class ByKeyTemporaryFileControllerTests : ManagementApiUserGroupTestBase<ByKeyTemporaryFileController>
+{
+    private ITemporaryFileService TemporaryFileService => GetRequiredService<ITemporaryFileService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await TemporaryFileService.CreateAsync(new CreateTemporaryFileModel { Key = _key, FileName = "File.png" });
+    }
+
+    protected override Expression<Func<ByKeyTemporaryFileController, object>> MethodSelector =>
+        x => x.ByKey(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/CreateTemporaryFileControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/CreateTemporaryFileControllerTests.cs
new file mode 100644
index 0000000000..694ccfe891
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/CreateTemporaryFileControllerTests.cs
@@ -0,0 +1,49 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.TemporaryFile;
+using Umbraco.Cms.Api.Management.ViewModels.TemporaryFile;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.TemporaryFile;
+
+public class CreateTemporaryFileControllerTests : ManagementApiUserGroupTestBase<CreateTemporaryFileController>
+{
+    protected override Expression<Func<CreateTemporaryFileController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateTemporaryFileRequestModel createTemporaryFileRequest = new() { Id = Guid.NewGuid(), File = null! };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createTemporaryFileRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/DeleteTemporaryFileControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/DeleteTemporaryFileControllerTests.cs
new file mode 100644
index 0000000000..362585af25
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/TemporaryFile/DeleteTemporaryFileControllerTests.cs
@@ -0,0 +1,57 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.TemporaryFile;
+using Umbraco.Cms.Core.Models.TemporaryFile;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.TemporaryFile;
+
+public class DeleteTemporaryFileControllerTests : ManagementApiUserGroupTestBase<DeleteTemporaryFileController>
+{
+    private ITemporaryFileService TemporaryFileService => GetRequiredService<ITemporaryFileService>();
+
+    private Guid _key;
+
+    [SetUp]
+    public async Task Setup()
+    {
+        _key = Guid.NewGuid();
+        await TemporaryFileService.CreateAsync(new CreateTemporaryFileModel { Key = _key, FileName = "File.png" });
+    }
+
+    protected override Expression<Func<DeleteTemporaryFileController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _key);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Trees/DocumentTypeSiblingControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Trees/DocumentTypeSiblingControllerTests.cs
deleted file mode 100644
index 5242716a35..0000000000
--- a/tests/Umbraco.Tests.Integration/ManagementApi/Trees/DocumentTypeSiblingControllerTests.cs
+++ /dev/null
@@ -1,60 +0,0 @@
-using System.Linq.Expressions;
-using System.Net.Http.Json;
-using NUnit.Framework;
-using Umbraco.Cms.Api.Common.ViewModels.Pagination;
-using Umbraco.Cms.Api.Management.Controllers.DocumentType.Tree;
-using Umbraco.Cms.Api.Management.ViewModels.Tree;
-using Umbraco.Cms.Core;
-using Umbraco.Cms.Core.Models;
-using Umbraco.Cms.Core.Services;
-using Umbraco.Cms.Core.Services.OperationStatus;
-using Umbraco.Cms.Tests.Common.Builders;
-
-namespace Umbraco.Cms.Tests.Integration.ManagementApi.Trees;
-
-[TestFixture]
-internal sealed class DocumentTypeSiblingControllerTests : ManagementApiTest<SiblingsDocumentTypeTreeController>
-{
-    private IContentTypeContainerService ContentTypeContainerService => GetRequiredService<IContentTypeContainerService>();
-
-    private ContentTypeService ContentTypeService => (ContentTypeService)GetRequiredService<IContentTypeService>();
-
-    protected override Expression<Func<SiblingsDocumentTypeTreeController, object>> MethodSelector =>
-        x => x.Siblings(CancellationToken.None, Guid.Empty, 0, 0, false);
-
-    [Test]
-    public async Task Document_Type_Siblings_Under_Folder_Have_Correct_Parent()
-    {
-        // create folder
-        Attempt<EntityContainer, EntityContainerOperationStatus> folderResult =
-            await ContentTypeContainerService.CreateAsync(null, "Root Container", null, Constants.Security.SuperUserKey);
-
-        // create contentTypeOne
-        IContentType contentTypeOne = ContentTypeBuilder.CreateBasicContentType();
-        contentTypeOne.Alias = "contentTypeOne";
-        contentTypeOne.ParentId = folderResult.Result.Id;
-        contentTypeOne.Variations = ContentVariation.Nothing;
-        ContentTypeService.Save(contentTypeOne);
-
-        // create contentTypeTwo
-        IContentType contentTypeTwo = ContentTypeBuilder.CreateBasicContentType();
-        contentTypeTwo.Alias = "contentTypeTwo";
-        contentTypeTwo.ParentId = folderResult.Result.Id;
-        contentTypeTwo.Variations = ContentVariation.Nothing;
-        ContentTypeService.Save(contentTypeTwo);
-
-        // get siblings of doctype one
-        await AuthenticateClientAsync(Client, "test@test.test", "test@test.test", true);
-        var siblingsResponse = await GetManagementApiResponseAsync(contentTypeOne.Key);
-        var responseModel = await siblingsResponse.Content.ReadFromJsonAsync<SubsetViewModel<DocumentTreeItemResponseModel>>();
-
-        Assert.IsTrue(responseModel.Items.All(i => i.Parent!.Id == folderResult.Result.Key));
-    }
-
-    private async Task<HttpResponseMessage> GetManagementApiResponseAsync(Guid target)
-    {
-        var url = GetManagementApiUrl<SiblingsDocumentTypeTreeController>(x =>
-            x.Siblings(CancellationToken.None, target, 10, 10, false));
-        return await Client.GetAsync(url);
-    }
-}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/AuthorizeUpgradeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/AuthorizeUpgradeControllerTests.cs
new file mode 100644
index 0000000000..cf881ecb72
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/AuthorizeUpgradeControllerTests.cs
@@ -0,0 +1,43 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Upgrade;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Upgrade;
+
+public class AuthorizeUpgradeControllerTests : ManagementApiUserGroupTestBase<AuthorizeUpgradeController>
+{
+    protected override Expression<Func<AuthorizeUpgradeController, object>> MethodSelector =>
+        x => x.Authorize(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.PostAsync(Url, null);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/SettingsUpgradeControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/SettingsUpgradeControllerTests.cs
new file mode 100644
index 0000000000..c6e92c41b0
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/Upgrade/SettingsUpgradeControllerTests.cs
@@ -0,0 +1,41 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.Upgrade;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.Upgrade;
+
+public class SettingsUpgradeControllerTests : ManagementApiUserGroupTestBase<SettingsUpgradeController>
+{
+    protected override Expression<Func<SettingsUpgradeController, object>> MethodSelector =>
+        x => x.Settings(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.PreconditionRequired
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/BulkDeleteUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/BulkDeleteUserControllerTests.cs
new file mode 100644
index 0000000000..d5baadd108
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/BulkDeleteUserControllerTests.cs
@@ -0,0 +1,85 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class BulkDeleteUserControllerTests : ManagementApiUserGroupTestBase<BulkDeleteUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<BulkDeleteUserController, object>> MethodSelector => x => x.DeleteUsers(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        var model = new DeleteUsersRequestModel
+        {
+            UserIds = new HashSet<ReferenceByIdModel> { new(_userKey) },
+        };
+
+        var request = new HttpRequestMessage(HttpMethod.Delete, Url)
+        {
+            Content = JsonContent.Create(model),
+        };
+
+        return await Client.SendAsync(request);
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/ByKeyUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/ByKeyUserControllerTests.cs
new file mode 100644
index 0000000000..7c60fed002
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/ByKeyUserControllerTests.cs
@@ -0,0 +1,68 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class ByKeyUserControllerTests : ManagementApiUserGroupTestBase<ByKeyUserController>
+{
+
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<ByKeyUserController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _userKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/ChangePasswordUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/ChangePasswordUserControllerTests.cs
new file mode 100644
index 0000000000..305938dfe8
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/ChangePasswordUserControllerTests.cs
@@ -0,0 +1,79 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class ChangePasswordUserControllerTests : ManagementApiUserGroupTestBase<ChangePasswordUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<ChangePasswordUserController, object>> MethodSelector => x => x.ChangePassword(CancellationToken.None, _userKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ChangePasswordUserRequestModel changePasswordUserRequest = new()
+        {
+            NewPassword = "newPassword"
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(changePasswordUserRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/ClearAvatarUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/ClearAvatarUserControllerTests.cs
new file mode 100644
index 0000000000..06df80206b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/ClearAvatarUserControllerTests.cs
@@ -0,0 +1,69 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class ClearAvatarUserControllerTests : ManagementApiUserGroupTestBase<ClearAvatarUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<ClearAvatarUserController, object>> MethodSelector => x => x.ClearAvatar(CancellationToken.None, _userKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateInitialPasswordUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateInitialPasswordUserControllerTests.cs
new file mode 100644
index 0000000000..d911305ab4
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateInitialPasswordUserControllerTests.cs
@@ -0,0 +1,77 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class CreateInitialPasswordUserControllerTests : ManagementApiUserGroupTestBase<CreateInitialPasswordUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<CreateInitialPasswordUserController, object>> MethodSelector => x => x.CreateInitialPassword(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateInitialPasswordUserRequestModel createInitialPasswordUserRequest = new() { User = new ReferenceByIdModel(_userKey), Password = "password", Token = "test" };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createInitialPasswordUserRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateUserControllerTests.cs
new file mode 100644
index 0000000000..ea5c93c308
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/CreateUserControllerTests.cs
@@ -0,0 +1,52 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class CreateUserControllerTests : ManagementApiUserGroupTestBase<CreateUserController>
+{
+    protected override Expression<Func<CreateUserController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        var stringKey = Guid.NewGuid();
+        CreateUserRequestModel createUserRequestModel = new()
+        {
+            Email = stringKey + "@test.com", UserName = stringKey + "@test.com", Name = "testName", UserGroupIds = null,
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(createUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/ChangePasswordCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/ChangePasswordCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..15b04b3727
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/ChangePasswordCurrentUserControllerTests.cs
@@ -0,0 +1,53 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+using Umbraco.Cms.Api.Management.ViewModels.User.Current;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class
+    ChangePasswordCurrentUserControllerTests : ManagementApiUserGroupTestBase<ChangePasswordCurrentUserController>
+{
+    protected override Expression<Func<ChangePasswordCurrentUserController, object>> MethodSelector => x => x.ChangePassword(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ChangePasswordCurrentUserRequestModel changePasswordCurrentUserRequestModel = new()
+        {
+            OldPassword = "OldPassword",
+            NewPassword = "NewPassword",
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(changePasswordCurrentUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..5d7c2eb4fa
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetCurrentUserControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class GetCurrentUserControllerTests : ManagementApiUserGroupTestBase<GetCurrentUserController>
+{
+    protected override Expression<Func<GetCurrentUserController, object>> MethodSelector => x => x.GetCurrentUser(CancellationToken.None);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetDocumentPermissionsCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetDocumentPermissionsCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..35fa486c78
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetDocumentPermissionsCurrentUserControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class GetDocumentPermissionsCurrentUserControllerTests : ManagementApiUserGroupTestBase<GetDocumentPermissionsCurrentUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<GetDocumentPermissionsCurrentUserController, object>> MethodSelector => x => x.GetPermissions(CancellationToken.None, new HashSet<Guid> { _userKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetMediaPermissionsCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetMediaPermissionsCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..97de49b353
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetMediaPermissionsCurrentUserControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class GetMediaPermissionsCurrentUserControllerTests : ManagementApiUserGroupTestBase<GetMediaPermissionsCurrentUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<GetMediaPermissionsCurrentUserController, object>> MethodSelector => x => x.GetPermissions(CancellationToken.None, new HashSet<Guid> { _userKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetPermissionsCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetPermissionsCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..ed22cd4224
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/GetPermissionsCurrentUserControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class GetPermissionsCurrentUserControllerTests : ManagementApiUserGroupTestBase<GetPermissionsCurrentUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<GetPermissionsCurrentUserController, object>> MethodSelector => x => x.GetPermissions(CancellationToken.None, new HashSet<Guid> { _userKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/SetAvatarCurrentUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/SetAvatarCurrentUserControllerTests.cs
new file mode 100644
index 0000000000..d3f7ed613b
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Current/SetAvatarCurrentUserControllerTests.cs
@@ -0,0 +1,80 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User.Current;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.TemporaryFile;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Current;
+
+public class SetAvatarCurrentUserControllerTests : ManagementApiUserGroupTestBase<SetAvatarCurrentUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private ITemporaryFileService TemporaryFileService => GetRequiredService<ITemporaryFileService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _avatarKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+
+        await TemporaryFileService.CreateAsync(new CreateTemporaryFileModel { Key = _avatarKey, FileName = "File.png" });
+    }
+
+    protected override Expression<Func<SetAvatarCurrentUserController, object>> MethodSelector => x => x.SetAvatar(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        SetAvatarRequestModel setAvatarRequestModel = new() { File = new ReferenceByIdModel(_avatarKey) };
+        return await Client.PostAsync(Url, JsonContent.Create(setAvatarRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/DeleteUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/DeleteUserControllerTests.cs
new file mode 100644
index 0000000000..c7f9b5d7a5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/DeleteUserControllerTests.cs
@@ -0,0 +1,71 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Testing;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+[UmbracoTest(Database = UmbracoTestOptions.Database.NewSchemaPerTest)]
+public class DeleteUserControllerTests : ManagementApiUserGroupTestBase<DeleteUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<DeleteUserController, object>> MethodSelector => x => x.DeleteUser(CancellationToken.None, _userKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/DisableUsersControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/DisableUsersControllerTests.cs
new file mode 100644
index 0000000000..562a109895
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/DisableUsersControllerTests.cs
@@ -0,0 +1,77 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class DisableUsersControllerTests : ManagementApiUserGroupTestBase<DisableUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<DisableUserController, object>> MethodSelector => x => x.DisableUsers(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        DisableUserRequestModel disableUserRequestModel = new() { UserIds = new HashSet<ReferenceByIdModel> { new ReferenceByIdModel(_userKey) } };
+
+        return await Client.PostAsync(Url, JsonContent.Create(disableUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/EnableUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/EnableUserControllerTests.cs
new file mode 100644
index 0000000000..d5b7c42bab
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/EnableUserControllerTests.cs
@@ -0,0 +1,77 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class EnableUserControllerTests : ManagementApiUserGroupTestBase<EnableUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<EnableUserController, object>> MethodSelector => x => x.EnableUsers(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        EnableUserRequestModel enableUserRequestModel = new() { UserIds = new HashSet<ReferenceByIdModel> { new ReferenceByIdModel(_userKey) } };
+
+        return await Client.PostAsync(Url, JsonContent.Create(enableUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/GetAllUsersControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/GetAllUsersControllerTests.cs
new file mode 100644
index 0000000000..bcd8945b32
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/GetAllUsersControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.User;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class GetAllUsersControllerTests : ManagementApiUserGroupTestBase<GetAllUserController>
+{
+    protected override Expression<Func<GetAllUserController, object>> MethodSelector => x => x.GetAll(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/InviteUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/InviteUserControllerTests.cs
new file mode 100644
index 0000000000..de91676ec3
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/InviteUserControllerTests.cs
@@ -0,0 +1,73 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class InviteUserControllerTests : ManagementApiUserGroupTestBase<InviteUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+        _userGroupKey = adminUserGroup.Key;
+    }
+
+    protected override Expression<Func<InviteUserController, object>> MethodSelector => x => x.Invite(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.InternalServerError,
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        var stringKey = Guid.NewGuid();
+
+        InviteUserRequestModel inviteUserRequestModel = new()
+        {
+            Message = "Welcome to Umbraco!",
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = "test",
+            Id = Guid.NewGuid(),
+            UserGroupIds = new HashSet<ReferenceByIdModel> { new(_userGroupKey) },
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(inviteUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/Item/ItemUserItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/Item/ItemUserItemControllerTests.cs
new file mode 100644
index 0000000000..471d1f4ab5
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/Item/ItemUserItemControllerTests.cs
@@ -0,0 +1,67 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User.Item;
+
+public class ItemUserItemControllerTests : ManagementApiUserGroupTestBase<ItemUserGroupItemController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<ItemUserGroupItemController, object>> MethodSelector => x => x.Item(CancellationToken.None, new HashSet<Guid> { _userKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/ResendInviteUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/ResendInviteUserControllerTests.cs
new file mode 100644
index 0000000000..6c33e3e32d
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/ResendInviteUserControllerTests.cs
@@ -0,0 +1,52 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class ResendInviteUserControllerTests : ManagementApiUserGroupTestBase<ResendInviteUserController>
+{
+    protected override Expression<Func<ResendInviteUserController, object>> MethodSelector => x => x.ResendInvite(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        ResendInviteUserRequestModel resendInviteUserRequestModel = new()
+        {
+            User = new ReferenceByIdModel(Guid.Empty), Message = "Welcome to Umbraco!",
+        };
+        return await Client.PostAsync(Url, JsonContent.Create(resendInviteUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/SetAvatarUsersControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/SetAvatarUsersControllerTests.cs
new file mode 100644
index 0000000000..aa7032ae47
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/SetAvatarUsersControllerTests.cs
@@ -0,0 +1,83 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Models.TemporaryFile;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class SetAvatarUsersControllerTests : ManagementApiUserGroupTestBase<SetAvatarUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private ITemporaryFileService TemporaryFileService => GetRequiredService<ITemporaryFileService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+    private Guid _avatarKey = Guid.NewGuid();
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+
+        await TemporaryFileService.CreateAsync(new CreateTemporaryFileModel { Key = _avatarKey, FileName = Guid.NewGuid() + ".png" });
+    }
+
+    protected override Expression<Func<SetAvatarUserController, object>> MethodSelector =>
+        x => x.SetAvatar(CancellationToken.None, _userKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        SetAvatarRequestModel setAvatarRequestModel = new() { File = new ReferenceByIdModel(_avatarKey) };
+        return await Client.PostAsync(Url, JsonContent.Create(setAvatarRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/UnlockUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/UnlockUserControllerTests.cs
new file mode 100644
index 0000000000..d09ba2366e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/UnlockUserControllerTests.cs
@@ -0,0 +1,76 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class UnlockUserControllerTests : ManagementApiUserGroupTestBase<UnlockUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<UnlockUserController, object>> MethodSelector => x => x.UnlockUsers(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UnlockUsersRequestModel unlockUsersRequestModel = new() { UserIds = new HashSet<ReferenceByIdModel> { new ReferenceByIdModel(_userKey) } };
+        return await Client.PostAsync(Url, JsonContent.Create(unlockUsersRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserControllerTests.cs
new file mode 100644
index 0000000000..55176649f7
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserControllerTests.cs
@@ -0,0 +1,78 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class UpdateUserControllerTests : ManagementApiUserGroupTestBase<UpdateUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<UpdateUserController, object>> MethodSelector => x => x.Update(CancellationToken.None, _userKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.BadRequest
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateUserRequestModel updateUserGroupsOnUserRequestModel = new()
+        {
+            LanguageIsoCode = "en-US",
+        };
+        return await Client.PutAsync(Url, JsonContent.Create(updateUserGroupsOnUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserGroupsUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserGroupsUserControllerTests.cs
new file mode 100644
index 0000000000..0fad5fc627
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/UpdateUserGroupsUserControllerTests.cs
@@ -0,0 +1,84 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class UpdateUserGroupsUserControllerTests : ManagementApiUserGroupTestBase<UpdateUserGroupsUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+    private Guid _writerUserGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var userGroups = await UserGroupService.GetAllAsync(0, 100);
+        var writerUserGroup = userGroups.Items.FirstOrDefault(x => x.Name.Contains("Writer", StringComparison.OrdinalIgnoreCase));
+        _writerUserGroupKey = writerUserGroup.Key;
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<UpdateUserGroupsUserController, object>> MethodSelector => x => x.UpdateUserGroups(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateUserGroupsOnUserRequestModel updateUserGroupsOnUserRequestModel = new()
+        {
+            UserIds = new HashSet<ReferenceByIdModel> { new ReferenceByIdModel(_userKey) }, UserGroupIds = new HashSet<ReferenceByIdModel> { new ReferenceByIdModel(_writerUserGroupKey) },
+        };
+        return await Client.PutAsync(Url, JsonContent.Create(updateUserGroupsOnUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/User/VerifyInviteUserControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/User/VerifyInviteUserControllerTests.cs
new file mode 100644
index 0000000000..66532ee465
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/User/VerifyInviteUserControllerTests.cs
@@ -0,0 +1,76 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.User;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Models;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.User;
+
+public class VerifyInviteUserControllerTests : ManagementApiUserGroupTestBase<VerifyInviteUserController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private IUserService UserService => GetRequiredService<IUserService>();
+
+    private Guid _userKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var adminUserGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+
+        var stringKey = Guid.NewGuid();
+        var model = new UserCreateModel()
+        {
+            Email = stringKey + "@test.com",
+            UserName = stringKey + "@test.com",
+            Name = stringKey.ToString(),
+            UserGroupKeys = new HashSet<Guid> { adminUserGroup.Key },
+        };
+        var response = await UserService.CreateAsync(Constants.Security.SuperUserKey, model);
+        _userKey = response.Result.CreatedUser.Key;
+    }
+
+    protected override Expression<Func<VerifyInviteUserController, object>> MethodSelector => x => x.Invite(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.NotFound
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        VerifyInviteUserRequestModel verifyInviteUserRequestModel = new() { User = new ReferenceByIdModel(_userKey), Token = string.Empty };
+        return await Client.PutAsync(Url, JsonContent.Create(verifyInviteUserRequestModel));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/BulkDeleteUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/BulkDeleteUserGroupControllerTests.cs
new file mode 100644
index 0000000000..f7c13233bd
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/BulkDeleteUserGroupControllerTests.cs
@@ -0,0 +1,74 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+using Umbraco.Cms.Api.Management.ViewModels;
+using Umbraco.Cms.Api.Management.ViewModels.UserGroup;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class BulkDeleteUserGroupControllerTests : ManagementApiUserGroupTestBase<BulkDeleteUserGroupsController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var userGroupModel = UserGroupBuilder.CreateUserGroup();
+        var userGroup = await UserGroupService.CreateAsync(userGroupModel, Constants.Security.SuperUserKey);
+        _userGroupKey = userGroup.Result.Key;
+    }
+
+    protected override Expression<Func<BulkDeleteUserGroupsController, object>> MethodSelector => x => x.BulkDelete(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        var model = new DeleteUserGroupsRequestModel
+        {
+            UserGroupIds = new HashSet<ReferenceByIdModel> { new(_userGroupKey) },
+        };
+
+        var request = new HttpRequestMessage(HttpMethod.Delete, Url)
+        {
+            Content = JsonContent.Create(model),
+        };
+
+        return await Client.SendAsync(request);
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/ByKeyUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/ByKeyUserGroupControllerTests.cs
new file mode 100644
index 0000000000..bd614f1e8c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/ByKeyUserGroupControllerTests.cs
@@ -0,0 +1,56 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class ByKeyUserGroupControllerTests : ManagementApiUserGroupTestBase<ByKeyUserGroupController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var userGroupModel = UserGroupBuilder.CreateUserGroup();
+        var userGroup = await UserGroupService.CreateAsync(userGroupModel, Constants.Security.SuperUserKey);
+        _userGroupKey = userGroup.Result.Key;
+    }
+
+    protected override Expression<Func<ByKeyUserGroupController, object>> MethodSelector => x => x.ByKey(CancellationToken.None, _userGroupKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/CreateUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/CreateUserGroupControllerTests.cs
new file mode 100644
index 0000000000..884bde730c
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/CreateUserGroupControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+using Umbraco.Cms.Api.Management.ViewModels.UserGroup;
+using Umbraco.Cms.Api.Management.ViewModels.UserGroup.Permissions;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class CreateUserGroupControllerTests : ManagementApiUserGroupTestBase<CreateUserGroupController>
+{
+    protected override Expression<Func<CreateUserGroupController, object>> MethodSelector => x => x.Create(CancellationToken.None, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Created
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        CreateUserGroupRequestModel createUserGroupRequest = new()
+        {
+            Name = "CreatedTestGroup",
+            Alias = "testAlias",
+            FallbackPermissions = new HashSet<string>(),
+            HasAccessToAllLanguages = true,
+            Languages = [],
+            Sections = ["Umb.Section.Content"],
+            Permissions = new HashSet<IPermissionPresentationModel> { },
+        };
+
+        return await Client.PostAsync(Url, JsonContent.Create(createUserGroupRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/DeleteUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/DeleteUserGroupControllerTests.cs
new file mode 100644
index 0000000000..e6d0ae94bd
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/DeleteUserGroupControllerTests.cs
@@ -0,0 +1,59 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class DeleteUserGroupControllerTests : ManagementApiUserGroupTestBase<DeleteUserGroupController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var userGroupModel = UserGroupBuilder.CreateUserGroup();
+        var userGroup = await UserGroupService.CreateAsync(userGroupModel, Constants.Security.SuperUserKey);
+        _userGroupKey = userGroup.Result.Key;
+    }
+
+    protected override Expression<Func<DeleteUserGroupController, object>> MethodSelector =>
+        x => x.Delete(CancellationToken.None, _userGroupKey);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest() => await Client.DeleteAsync(Url);
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/GetAllUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/GetAllUserGroupControllerTests.cs
new file mode 100644
index 0000000000..61a0021f7e
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/GetAllUserGroupControllerTests.cs
@@ -0,0 +1,40 @@
+using System.Linq.Expressions;
+using System.Net;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class GetAllUserGroupControllerTests : ManagementApiUserGroupTestBase<GetAllUserGroupController>
+{
+    protected override Expression<Func<GetAllUserGroupController, object>> MethodSelector => x => x.GetAll(CancellationToken.None, 0, 100);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/Item/ItemUserGroupItemControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/Item/ItemUserGroupItemControllerTests.cs
new file mode 100644
index 0000000000..0b8e2aa7a4
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/Item/ItemUserGroupItemControllerTests.cs
@@ -0,0 +1,55 @@
+using System.Linq.Expressions;
+using System.Net;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup.Item;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup.Item;
+
+public class ItemUserGroupItemControllerTests : ManagementApiUserGroupTestBase<ItemUserGroupItemController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var userGroup = await UserGroupService.GetAsync(Constants.Security.AdminGroupAlias);
+        _userGroupKey = userGroup.Key;
+    }
+
+    protected override Expression<Func<ItemUserGroupItemController, object>> MethodSelector =>
+        x => x.Item(CancellationToken.None, new HashSet<Guid> { _userGroupKey });
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/UpdateUserGroupControllerTests.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/UpdateUserGroupControllerTests.cs
new file mode 100644
index 0000000000..3e3fbebb7f
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroup/UpdateUserGroupControllerTests.cs
@@ -0,0 +1,75 @@
+using System.Linq.Expressions;
+using System.Net;
+using System.Net.Http.Json;
+using NUnit.Framework;
+using Umbraco.Cms.Api.Management.Controllers.UserGroup;
+using Umbraco.Cms.Api.Management.ViewModels.UserGroup;
+using Umbraco.Cms.Api.Management.ViewModels.UserGroup.Permissions;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Tests.Common.Builders;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi.UserGroup;
+
+public class UpdateUserGroupControllerTests : ManagementApiUserGroupTestBase<UpdateUserGroupController>
+{
+    private IUserGroupService UserGroupService => GetRequiredService<IUserGroupService>();
+
+    private Guid _userGroupKey;
+
+    [SetUp]
+    public async Task SetUp()
+    {
+        var userGroupModel = UserGroupBuilder.CreateUserGroup();
+        var userGroup = await UserGroupService.CreateAsync(userGroupModel, Constants.Security.SuperUserKey);
+        _userGroupKey = userGroup.Result.Key;
+    }
+
+    protected override Expression<Func<UpdateUserGroupController, object>> MethodSelector => x => x.Update(CancellationToken.None, _userGroupKey, null);
+
+    protected override UserGroupAssertionModel AdminUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.OK
+    };
+
+    protected override UserGroupAssertionModel EditorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel SensitiveDataUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel TranslatorUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel WriterUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Forbidden
+    };
+
+    protected override UserGroupAssertionModel UnauthorizedUserGroupAssertionModel => new()
+    {
+        ExpectedStatusCode = HttpStatusCode.Unauthorized
+    };
+
+    protected override async Task<HttpResponseMessage> ClientRequest()
+    {
+        UpdateUserGroupRequestModel updateUserGroupRequest = new()
+        {
+            Name = "UpdatedTestGroup",
+            Alias = "testAlias",
+            FallbackPermissions = new HashSet<string>(),
+            HasAccessToAllLanguages = true,
+            Languages = [],
+            Sections = ["Umb.Section.Content"],
+            Permissions = new HashSet<IPermissionPresentationModel> { },
+        };
+
+        return await Client.PutAsync(Url, JsonContent.Create(updateUserGroupRequest));
+    }
+}
diff --git a/tests/Umbraco.Tests.Integration/ManagementApi/UserGroupAssertionModel.cs b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroupAssertionModel.cs
new file mode 100644
index 0000000000..266058a3af
--- /dev/null
+++ b/tests/Umbraco.Tests.Integration/ManagementApi/UserGroupAssertionModel.cs
@@ -0,0 +1,8 @@
+using System.Net;
+
+namespace Umbraco.Cms.Tests.Integration.ManagementApi;
+
+public class UserGroupAssertionModel
+{
+    public HttpStatusCode ExpectedStatusCode { get; set; }
+}
diff --git a/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs b/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs
index 19bf18c5b7..25de9257a4 100644
--- a/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs
+++ b/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs
@@ -11,7 +11,6 @@ using Microsoft.AspNetCore.TestHost;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
-using Microsoft.Extensions.Options;
 using Moq;
 using NUnit.Framework;
 using Umbraco.Cms.Api.Delivery.Controllers.Content;
@@ -21,9 +20,9 @@ using Umbraco.Cms.Api.Management.DependencyInjection;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.Composing;
+using Umbraco.Cms.Core.Persistence.Repositories;
 using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Core.Web;
-using Umbraco.Cms.Core.Persistence.Repositories;
 using Umbraco.Cms.Persistence.Sqlite;
 using Umbraco.Cms.Persistence.SqlServer;
 using Umbraco.Cms.Tests.Common.Testing;
@@ -31,7 +30,6 @@ using Umbraco.Cms.Tests.Integration.DependencyInjection;
 using Umbraco.Cms.Tests.Integration.Testing;
 using Umbraco.Cms.Web.Common.Controllers;
 using Umbraco.Cms.Web.Website.Controllers;
-using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Tests.Integration.TestServerTest
 {
@@ -39,11 +37,23 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
     [UmbracoTest(Database = UmbracoTestOptions.Database.NewSchemaPerTest, Logger = UmbracoTestOptions.Logger.Console, Boot = true)]
     public abstract class UmbracoTestServerTestBase : UmbracoIntegrationTestBase
     {
+        private static readonly Dictionary<string, WebApplicationFactory<UmbracoTestServerTestBase>> _factoryCache = new();
+
         protected HttpClient Client { get; private set; }
 
+        protected WebApplicationFactory<UmbracoTestServerTestBase> Factory { get; private set; }
+
+        protected IServiceProvider Services => Factory?.Services;
+
         protected LinkGenerator LinkGenerator => Factory.Services.GetRequiredService<LinkGenerator>();
 
-        protected WebApplicationFactory<UmbracoTestServerTestBase> Factory { get; private set; }
+        protected void CustomMvcSetup(IMvcBuilder mvcBuilder)
+        {
+        }
+
+        protected virtual void ConfigureTestServices(IServiceCollection services)
+        {
+        }
 
         /// <summary>
         ///  Hook for altering UmbracoBuilder setup
@@ -59,12 +69,41 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
         {
             // Add a test auth scheme with a test auth handler to authn and assign the user
             services.AddAuthentication(TestAuthHandler.TestAuthenticationScheme)
-                .AddScheme<AuthenticationSchemeOptions, TestAuthHandler>(
-                    TestAuthHandler.TestAuthenticationScheme, options => { });
+                .AddScheme<AuthenticationSchemeOptions, TestAuthHandler>(TestAuthHandler.TestAuthenticationScheme,
+                    options => { });
         }
 
         [SetUp]
-        public void Setup()
+        public virtual void Setup()
+        {
+            // Don't cache factory if using NewSchemaPerTest
+            if (TestOptions.Database == UmbracoTestOptions.Database.NewSchemaPerTest ||
+                TestOptions.Database == UmbracoTestOptions.Database.NewEmptyPerTest)
+            {
+                // Create a new factory for each test when using per-test database
+                Factory = CreateNewFactory();
+            }
+            else
+            {
+                // Use cached factory for per-fixture database options
+                var cacheKey = $"{TestOptions.Database}_{TestOptions.Boot}";
+
+                if (!_factoryCache.TryGetValue(cacheKey, out var cachedFactory))
+                {
+                    cachedFactory = CreateNewFactory();
+                    _factoryCache[cacheKey] = cachedFactory;
+                }
+
+                Factory = cachedFactory;
+            }
+
+            Client = Factory.CreateClient(new WebApplicationFactoryClientOptions
+            {
+                AllowAutoRedirect = false, BaseAddress = new Uri("https://localhost/", UriKind.Absolute),
+            });
+        }
+
+        private WebApplicationFactory<UmbracoTestServerTestBase> CreateNewFactory()
         {
             /*
              * It's worth noting that our usage of WebApplicationFactory is non-standard,
@@ -81,29 +120,41 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
              *
              * See https://docs.microsoft.com/en-us/aspnet/core/test/integration-tests
              */
-            var factory = new UmbracoWebApplicationFactory<UmbracoTestServerTestBase>(CreateHostBuilder);
-
-
-            // additional host configuration for web server integration tests
-            Factory = factory.WithWebHostBuilder(builder =>
-            {
-                // Otherwise inferred as $(SolutionDir)/Umbraco.Tests.Integration (note lack of src/tests)
-                builder.UseContentRoot(Assembly.GetExecutingAssembly().GetRootDirectorySafe());
-
-                // Executes after the standard ConfigureServices method
-                builder.ConfigureTestServices(services =>
+            return new UmbracoWebApplicationFactory<UmbracoTestServerTestBase>(CreateHostBuilder)
+                .WithWebHostBuilder(builder =>
                 {
-                    services.AddSingleton<IWebProfilerRepository, TestWebProfilerRepository>();
-
-                    CustomTestAuthSetup(services);
+                    builder.UseContentRoot(Assembly.GetExecutingAssembly().GetRootDirectorySafe());
+                    builder.ConfigureTestServices(services =>
+                    {
+                        services.AddSingleton<IWebProfilerRepository, TestWebProfilerRepository>();
+                        CustomTestAuthSetup(services);
+                    });
                 });
-            });
+        }
 
-            Client = Factory.CreateClient(new WebApplicationFactoryClientOptions
+        [TearDown]
+        public void TearDownClient()
+        {
+            Client?.Dispose();
+
+            // Dispose the factory if using per-test database
+            if (TestOptions.Database == UmbracoTestOptions.Database.NewSchemaPerTest ||
+                TestOptions.Database == UmbracoTestOptions.Database.NewEmptyPerTest)
             {
-                AllowAutoRedirect = false,
-                BaseAddress = new Uri("https://localhost/", UriKind.Absolute)
-            });
+                Factory?.Dispose();
+                Factory = null;
+            }
+        }
+
+        [OneTimeTearDown]
+        public static async Task CleanupFactories()
+        {
+            foreach (var factory in _factoryCache.Values)
+            {
+                await factory.DisposeAsync();
+            }
+
+            _factoryCache.Clear();
         }
 
         /// <summary>
@@ -126,25 +177,9 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
 
             // Remove the CancellationToken from the method params, this is automatically added by the framework
             // So we do not want to add this to the query string
-            var cancellationTokenKey = methodParams.FirstOrDefault(x => x.Value is CancellationToken).Key;
-            if (cancellationTokenKey is not null)
-            {
-                methodParams.Remove(cancellationTokenKey);
-            }
-
-
-            methodParams["version"] =
-                method?.GetCustomAttribute<MapToApiVersionAttribute>()?.Versions?.First().MajorVersion.ToString() // get it from the attribute
-                ?? Factory.Services.GetRequiredService<IOptions<ApiVersioningOptions>>()?.Value.DefaultApiVersion.MajorVersion.ToString(); // or use the default version from options
-            if (method == null)
-            {
-                throw new MissingMethodException(
-                    $"Could not find the method {methodSelector} on type {typeof(T)} or the result ");
-            }
-
-            var controllerName = ControllerExtensions.GetControllerName(typeof(T));
-
-            return LinkGenerator.GetUmbracoControllerUrl(method.Name, controllerName, null, methodParams);
+            methodParams.Remove(methodParams.FirstOrDefault(x => x.Value is CancellationToken).Key);
+            methodParams["version"] = method?.GetCustomAttribute<MapToApiVersionAttribute>()?.Versions[0].MajorVersion.ToString();
+            return LinkGenerator.GetUmbracoControllerUrl(method.Name, ControllerExtensions.GetControllerName<T>(), null, methodParams);
         }
 
         /// <summary>
@@ -181,7 +216,6 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
             };
 
             umbracoContextFactory.EnsureUmbracoContext();
-
             return url;
         }
 
@@ -203,7 +237,6 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
                     builder.ConfigureServices((context, services) =>
                     {
                         context.HostingEnvironment = TestHelper.GetWebHostEnvironment();
-
                         ConfigureServices(services);
                         ConfigureTestServices(services);
                         services.AddUnique(CreateLoggerFactory());
@@ -232,8 +265,6 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
             return hostBuilder;
         }
 
-        protected virtual IServiceProvider Services => Factory.Services;
-
         protected virtual T GetRequiredService<T>() => Factory.Services.GetRequiredService<T>();
 
         protected void ConfigureServices(IServiceCollection services)
@@ -243,15 +274,13 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
             TypeLoader typeLoader = services.AddTypeLoader(
                 GetType().Assembly,
                 TestHelper.ConsoleLoggerFactory,
-                AppCaches.NoCache,
-                Configuration,
-                TestHelper.Profiler);
+                Configuration);
 
             services.AddLogger(TestHelper.GetWebHostEnvironment(), Configuration);
 
             var builder = new UmbracoBuilder(services, Configuration, typeLoader, TestHelper.ConsoleLoggerFactory, TestHelper.Profiler, AppCaches.NoCache);
-            builder.Services.AddTransient<IHostedService>(sp => new TestDatabaseHostedLifecycleService(() => UseTestDatabase(sp)));
-
+            builder.Services.AddTransient<IHostedService>(sp =>
+                new TestDatabaseHostedLifecycleService(() => UseTestDatabase(sp)));
             builder
                 .AddConfiguration()
                 .AddUmbracoCore()
@@ -291,23 +320,9 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
 
             CustomTestSetup(builder);
 
-
             builder.Build();
         }
 
-        protected virtual void CustomMvcSetup(IMvcBuilder mvcBuilder)
-        {
-
-        }
-
-        /// <summary>
-        ///  Hook for registering test doubles.
-        /// </summary>
-        protected virtual void ConfigureTestServices(IServiceCollection services)
-        {
-
-        }
-
         protected void Configure(IApplicationBuilder app)
         {
             app.UseUmbraco()
@@ -334,7 +349,7 @@ public class TestDatabaseHostedLifecycleService : IHostedLifecycleService
         _action = action;
     }
 
-    public Task StartAsync(CancellationToken cancellationToken)=> Task.CompletedTask;
+    public Task StartAsync(CancellationToken cancellationToken) => Task.CompletedTask;
 
     public Task StopAsync(CancellationToken cancellationToken) => Task.CompletedTask;
 
@@ -344,8 +359,8 @@ public class TestDatabaseHostedLifecycleService : IHostedLifecycleService
     {
         _action();
         return Task.CompletedTask;
-
     }
+
     public Task StoppedAsync(CancellationToken cancellationToken) => Task.CompletedTask;
 
     public Task StoppingAsync(CancellationToken cancellationToken) => Task.CompletedTask;
diff --git a/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoWebApplicationFactory.cs b/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoWebApplicationFactory.cs
index 414fe0840c..a716718c06 100644
--- a/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoWebApplicationFactory.cs
+++ b/tests/Umbraco.Tests.Integration/TestServerTest/UmbracoWebApplicationFactory.cs
@@ -2,9 +2,7 @@
 // See LICENSE for more details.
 
 using Microsoft.AspNetCore.Mvc.Testing;
-using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
-using Umbraco.Cms.Core.Services;
 
 namespace Umbraco.Cms.Tests.Integration.TestServerTest;
 
@@ -13,6 +11,7 @@ public class UmbracoWebApplicationFactory<TStartup> : WebApplicationFactory<TSta
 {
     private readonly Action<IHost> _beforeStart;
     private readonly Func<IHostBuilder> _createHostBuilder;
+    private IHost _host;
 
     /// <summary>
     ///     Constructor to create a new WebApplicationFactory
@@ -24,12 +23,17 @@ public class UmbracoWebApplicationFactory<TStartup> : WebApplicationFactory<TSta
 
     protected override IHost CreateHost(IHostBuilder builder)
     {
-        var host = builder.Build();
+        _host = builder.Build();
 
-        _beforeStart?.Invoke(host);
+        _beforeStart?.Invoke(_host);
 
-        host.Start();
+        _host.Start();
 
-        return host;
+        return _host;
+    }
+
+    public void ClearHost()
+    {
+        _host.StopAsync().GetAwaiter().GetResult();
     }
 }
diff --git a/tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTestBase.cs b/tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTestBase.cs
index 45eef4b1d1..20f55309c4 100644
--- a/tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTestBase.cs
+++ b/tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTestBase.cs
@@ -1,7 +1,3 @@
-using System;
-using System.Collections.Generic;
-using System.IO;
-using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
@@ -9,7 +5,6 @@ using Microsoft.Extensions.Logging.Abstractions;
 using Microsoft.Extensions.Options;
 using NUnit.Framework;
 using Serilog;
-using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Events;
 using Umbraco.Cms.Core.Notifications;
@@ -27,31 +22,29 @@ namespace Umbraco.Cms.Tests.Integration.Testing;
 [NonParallelizable]
 public abstract class UmbracoIntegrationTestBase
 {
-    private static readonly Lock s_dbLocker = new();
-    private static ITestDatabase? s_dbInstance;
-    private static TestDbMeta s_fixtureDbMeta;
-    private static int s_testCount = 1;
+    private static readonly Lock _dbLocker = new();
+    private static ITestDatabase? _dbInstance;
+    private static TestDbMeta _fixtureDbMeta;
+    protected static int TestCount = 1;
     private readonly List<Action> _fixtureTeardown = new();
     private readonly Queue<Action> _testTeardown = new();
-
     private bool _firstTestInFixture = true;
 
     protected Dictionary<string, string> InMemoryConfiguration { get; } = new();
 
     protected IConfiguration Configuration { get; set; }
 
-    protected UmbracoTestAttribute TestOptions =>
-        TestOptionAttributeBase.GetTestOptions<UmbracoTestAttribute>();
+    protected UmbracoTestAttribute TestOptions => TestOptionAttributeBase.GetTestOptions<UmbracoTestAttribute>();
 
     protected TestHelper TestHelper { get; } = new();
 
-    private void AddOnTestTearDown(Action tearDown) => _testTeardown.Enqueue(tearDown);
+    protected void AddOnTestTearDown(Action tearDown) => _testTeardown.Enqueue(tearDown);
 
-    private void AddOnFixtureTearDown(Action tearDown) => _fixtureTeardown.Add(tearDown);
+    protected void AddOnFixtureTearDown(Action tearDown) => _fixtureTeardown.Add(tearDown);
 
     [SetUp]
-    public void SetUp_Logging() =>
-        TestContext.Out.Write($"Start test {s_testCount++}: {TestContext.CurrentContext.Test.Name}");
+    public virtual void SetUp_Logging() =>
+        TestContext.Out.Write($"Start test {TestCount++}: {TestContext.CurrentContext.Test.Name}");
 
     [TearDown]
     public void TearDown_Logging() =>
@@ -114,130 +107,62 @@ public abstract class UmbracoIntegrationTestBase
         return NullLoggerFactory.Instance;
     }
 
-    protected void UseTestDatabase(IApplicationBuilder app)
-        => UseTestDatabase(app.ApplicationServices);
-
     protected void UseTestDatabase(IServiceProvider serviceProvider)
-    {
-        var state = serviceProvider.GetRequiredService<IRuntimeState>();
-        var testDatabaseFactoryProvider = serviceProvider.GetRequiredService<TestUmbracoDatabaseFactoryProvider>();
-        var databaseFactory = serviceProvider.GetRequiredService<IUmbracoDatabaseFactory>();
-        var loggerFactory = serviceProvider.GetRequiredService<ILoggerFactory>();
-        var connectionStrings = serviceProvider.GetRequiredService<IOptionsMonitor<ConnectionStrings>>();
-        var eventAggregator = serviceProvider.GetRequiredService<IEventAggregator>();
-
-        // This will create a db, install the schema and ensure the app is configured to run
-        SetupTestDatabase(testDatabaseFactoryProvider, connectionStrings, databaseFactory, loggerFactory, state);
-
-        if (TestOptions.Database != UmbracoTestOptions.Database.None)
-        {
-            eventAggregator.Publish(new UnattendedInstallNotification());
-        }
-
-    }
-
-    private void ConfigureTestDatabaseFactory(
-        TestDbMeta meta,
-        IUmbracoDatabaseFactory factory,
-        IRuntimeState state,
-        IOptionsMonitor<ConnectionStrings> connectionStrings)
-    {
-        // It's just been pulled from container and wasn't used to create test database
-        Assert.IsFalse(factory.Configured);
-
-        factory.Configure(meta.ToStronglyTypedConnectionString());
-        connectionStrings.CurrentValue.ConnectionString = meta.ConnectionString;
-        connectionStrings.CurrentValue.ProviderName = meta.Provider;
-        state.DetermineRuntimeLevel();
-    }
-
-    private void SetupTestDatabase(
-        TestUmbracoDatabaseFactoryProvider testUmbracoDatabaseFactoryProvider,
-        IOptionsMonitor<ConnectionStrings> connectionStrings,
-        IUmbracoDatabaseFactory databaseFactory,
-        ILoggerFactory loggerFactory,
-        IRuntimeState runtimeState)
     {
         if (TestOptions.Database == UmbracoTestOptions.Database.None)
         {
             return;
         }
 
-        var db = GetOrCreateDatabase(loggerFactory, testUmbracoDatabaseFactoryProvider);
+        var state = serviceProvider.GetRequiredService<IRuntimeState>();
+        var databaseFactory = serviceProvider.GetRequiredService<IUmbracoDatabaseFactory>();
+        var connectionStrings = serviceProvider.GetRequiredService<IOptionsMonitor<ConnectionStrings>>();
 
-        switch (TestOptions.Database)
+        var db = GetOrCreateDatabase(
+            serviceProvider.GetRequiredService<ILoggerFactory>(),
+            serviceProvider.GetRequiredService<TestUmbracoDatabaseFactoryProvider>());
+
+        TestDbMeta meta = TestOptions.Database switch
         {
-            case UmbracoTestOptions.Database.NewSchemaPerTest:
+            UmbracoTestOptions.Database.NewSchemaPerTest => SetupPerTestDatabase(db, true),
+            UmbracoTestOptions.Database.NewEmptyPerTest => SetupPerTestDatabase(db, false),
+            UmbracoTestOptions.Database.NewSchemaPerFixture => SetupPerFixtureDatabase(db, true),
+            UmbracoTestOptions.Database.NewEmptyPerFixture => SetupPerFixtureDatabase(db, false),
+            _ => throw new ArgumentOutOfRangeException(),
+        };
 
-                // New DB + Schema
-                var newSchemaDbMeta = db.AttachSchema();
-
-                // Add teardown callback
-                AddOnTestTearDown(() => db.Detach(newSchemaDbMeta));
-
-                ConfigureTestDatabaseFactory(newSchemaDbMeta, databaseFactory, runtimeState, connectionStrings);
-
-                Assert.AreEqual(RuntimeLevel.Run, runtimeState.Level);
-
-                break;
-            case UmbracoTestOptions.Database.NewEmptyPerTest:
-                var newEmptyDbMeta = db.AttachEmpty();
-
-                // Add teardown callback
-                AddOnTestTearDown(() => db.Detach(newEmptyDbMeta));
-
-                ConfigureTestDatabaseFactory(newEmptyDbMeta, databaseFactory, runtimeState, connectionStrings);
-
-                Assert.AreEqual(RuntimeLevel.Install, runtimeState.Level);
-
-                break;
-            case UmbracoTestOptions.Database.NewSchemaPerFixture:
-                // Only attach schema once per fixture
-                // Doing it more than once will block the process since the old db hasn't been detached
-                // and it would be the same as NewSchemaPerTest even if it didn't block
-                if (_firstTestInFixture)
-                {
-                    // New DB + Schema
-                    var newSchemaFixtureDbMeta = db.AttachSchema();
-                    s_fixtureDbMeta = newSchemaFixtureDbMeta;
-
-                    // Add teardown callback
-                    AddOnFixtureTearDown(() => db.Detach(newSchemaFixtureDbMeta));
-                }
-
-                ConfigureTestDatabaseFactory(s_fixtureDbMeta, databaseFactory, runtimeState, connectionStrings);
-
-                break;
-            case UmbracoTestOptions.Database.NewEmptyPerFixture:
-                // Only attach schema once per fixture
-                // Doing it more than once will block the process since the old db hasn't been detached
-                // and it would be the same as NewSchemaPerTest even if it didn't block
-                if (_firstTestInFixture)
-                {
-                    // New DB + Schema
-                    var newEmptyFixtureDbMeta = db.AttachEmpty();
-                    s_fixtureDbMeta = newEmptyFixtureDbMeta;
-
-                    // Add teardown callback
-                    AddOnFixtureTearDown(() => db.Detach(newEmptyFixtureDbMeta));
-                }
-
-                ConfigureTestDatabaseFactory(s_fixtureDbMeta, databaseFactory, runtimeState, connectionStrings);
-
-                break;
-            default:
-                throw new ArgumentOutOfRangeException(nameof(TestOptions), TestOptions, null);
-        }
+        databaseFactory.Configure(meta.ToStronglyTypedConnectionString());
+        connectionStrings.CurrentValue.ConnectionString = meta.ConnectionString;
+        connectionStrings.CurrentValue.ProviderName = meta.Provider;
+        state.DetermineRuntimeLevel();
+        serviceProvider.GetRequiredService<IEventAggregator>().Publish(new UnattendedInstallNotification());
     }
 
+    private TestDbMeta SetupPerTestDatabase(ITestDatabase db, bool withSchema)
+    {
+        var meta = withSchema ? db.AttachSchema() : db.AttachEmpty();
+        AddOnTestTearDown(() => db.Detach(meta));
+        return meta;
+    }
+
+    private TestDbMeta SetupPerFixtureDatabase(ITestDatabase db, bool withSchema)
+    {
+        if (_firstTestInFixture)
+        {
+            _fixtureDbMeta = withSchema ? db.AttachSchema() : db.AttachEmpty();
+            AddOnFixtureTearDown(() => db.Detach(_fixtureDbMeta));
+        }
+
+        return _fixtureDbMeta;
+    }
 
     private ITestDatabase GetOrCreateDatabase(ILoggerFactory loggerFactory, TestUmbracoDatabaseFactoryProvider dbFactory)
     {
-        lock (s_dbLocker)
+        lock (_dbLocker)
         {
-            if (s_dbInstance != null)
+            if (_dbInstance != null)
             {
-                return s_dbInstance;
+                return _dbInstance;
             }
 
             var settings = new TestDatabaseSettings
@@ -248,15 +173,14 @@ public abstract class UmbracoIntegrationTestBase
                 PrepareThreadCount = Configuration.GetValue<int>("Tests:Database:PrepareThreadCount"),
                 EmptyDatabasesCount = Configuration.GetValue<int>("Tests:Database:EmptyDatabasesCount"),
                 SchemaDatabaseCount = Configuration.GetValue<int>("Tests:Database:SchemaDatabaseCount"),
-                SQLServerMasterConnectionString =
-                    Configuration.GetValue<string>("Tests:Database:SQLServerMasterConnectionString")
+                SQLServerMasterConnectionString = Configuration.GetValue<string>("Tests:Database:SQLServerMasterConnectionString"),
             };
 
             Directory.CreateDirectory(settings.FilesPath);
 
-            s_dbInstance = TestDatabaseFactory.Create(settings, dbFactory, loggerFactory);
+            _dbInstance = TestDatabaseFactory.Create(settings, dbFactory, loggerFactory);
 
-            return s_dbInstance;
+            return _dbInstance;
         }
     }
 }