diff --git a/spec/controllers/api/v1/endorsements_controller_spec.rb b/spec/controllers/api/v1/endorsements_controller_spec.rb
deleted file mode 100644
index 738804bb7..000000000
--- a/spec/controllers/api/v1/endorsements_controller_spec.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Api::V1::EndorsementsController do
-  let(:user)  { Fabricate(:user) }
-  let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:accounts') }
-
-  describe 'GET #index' do
-    it 'returns 200' do
-      allow(controller).to receive(:doorkeeper_token) { token }
-      get :index
-
-      expect(response).to have_http_status(200)
-    end
-  end
-end
diff --git a/spec/requests/api/v1/endorsements_spec.rb b/spec/requests/api/v1/endorsements_spec.rb
new file mode 100644
index 000000000..e267f2abd
--- /dev/null
+++ b/spec/requests/api/v1/endorsements_spec.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'Endorsements' do
+  let(:user)    { Fabricate(:user) }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  describe 'GET /api/v1/endorsements' do
+    context 'when not authorized' do
+      it 'returns http unauthorized' do
+        get api_v1_endorsements_path
+
+        expect(response)
+          .to have_http_status(401)
+      end
+    end
+
+    context 'with wrong scope' do
+      before do
+        get api_v1_endorsements_path, headers: headers
+      end
+
+      it_behaves_like 'forbidden for wrong scope', 'write write:accounts'
+    end
+
+    context 'with correct scope' do
+      let(:scopes) { 'read:accounts' }
+
+      context 'with endorsed accounts' do
+        let!(:account_pin) { Fabricate(:account_pin, account: user.account) }
+
+        it 'returns http success and accounts json' do
+          get api_v1_endorsements_path, headers: headers
+
+          expect(response)
+            .to have_http_status(200)
+
+          expect(body_as_json)
+            .to be_present
+            .and have_attributes(
+              first: include(acct: account_pin.target_account.acct)
+            )
+        end
+      end
+
+      context 'without endorsed accounts without json' do
+        it 'returns http success' do
+          get api_v1_endorsements_path, headers: headers
+
+          expect(response)
+            .to have_http_status(200)
+
+          expect(body_as_json)
+            .to_not be_present
+        end
+      end
+    end
+  end
+end