diff --git a/app/controllers/repp/v1/domains/statuses_controller.rb b/app/controllers/repp/v1/domains/statuses_controller.rb
index 22e73df60..ee15655df 100644
--- a/app/controllers/repp/v1/domains/statuses_controller.rb
+++ b/app/controllers/repp/v1/domains/statuses_controller.rb
@@ -6,9 +6,9 @@ module Repp
         before_action :verify_status
 
         api :DELETE, '/repp/v1/domains/:domain_name/statuses/:status'
+        param :domain_name, String, desc: 'Domain name'
+        param :status, String, desc: 'Status to be removed'
         desc 'Remove status from specific domain'
-        param :domain_name, String, required: true, desc: 'Domain name'
-        param :status, String, required: true, desc: 'Status to be removed'
         def destroy
           return editing_failed unless domain_with_status?(params[:id])
 
@@ -21,9 +21,9 @@ module Repp
         end
 
         api :PUT, '/repp/v1/domains/:domain_name/statuses/:status'
+        param :domain_name, String, desc: 'Domain name'
+        param :status, String, desc: 'Status to be added'
         desc 'Add status to specific domain'
-        param :domain_name, String, required: true, desc: 'Domain name'
-        param :status, String, required: true, desc: 'Status to be added'
         def update
           return editing_failed if domain_with_status?(params[:id])
 
@@ -37,8 +37,8 @@ module Repp
 
         private
 
-        def domain_with_status?
-          @domain.statuses.include?(params[:id])
+        def domain_with_status?(status)
+          @domain.statuses.include?(status)
         end
 
         def verify_status
diff --git a/test/integration/repp/v1/domains/statuses_test.rb b/test/integration/repp/v1/domains/statuses_test.rb
new file mode 100644
index 000000000..271752ae3
--- /dev/null
+++ b/test/integration/repp/v1/domains/statuses_test.rb
@@ -0,0 +1,82 @@
+require 'test_helper'
+
+class ReppV1DomainsStatusesTest < ActionDispatch::IntegrationTest
+  def setup
+    @user = users(:api_bestnames)
+    @domain = domains(:shop)
+    token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
+    token = "Basic #{token}"
+
+    @auth_headers = { 'Authorization' => token }
+  end
+
+  def test_client_hold_can_be_added
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+    put repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :ok
+    @domain.reload
+
+    assert @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+  end
+
+  def test_client_hold_can_be_removed
+    statuses = @domain.statuses << DomainStatus::CLIENT_HOLD
+    @domain.update(statuses: statuses)
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+
+    assert_response :ok
+    @domain.reload
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+  end
+
+  def test_can_not_remove_disallowed_statuses
+    statuses = @domain.statuses << DomainStatus::FORCE_DELETE
+    @domain.update(statuses: statuses)
+
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::FORCE_DELETE), headers: @auth_headers
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status serverForceDelete', json[:message]
+
+    assert @domain.statuses.include?(DomainStatus::FORCE_DELETE)
+  end
+
+  def test_can_not_add_disallowed_statuses
+    put repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::DELETE_CANDIDATE), headers: @auth_headers
+    @domain.reload
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status deleteCandidate', json[:message]
+
+    refute @domain.statuses.include?(DomainStatus::DELETE_CANDIDATE)
+  end
+
+  def test_can_not_remove_unexistant_status
+    refute @domain.statuses.include?(DomainStatus::CLIENT_HOLD)
+    delete repp_v1_domain_status_path(domain_id: @domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :bad_request
+    assert_equal 'Parameter value policy error. Client-side object status management not supported: status clientHold', json[:message]
+  end
+
+  def test_returns_normal_error_when_action_fails
+    @invalid_domain = domains(:invalid)
+
+    put repp_v1_domain_status_path(domain_id: @invalid_domain.name, id: DomainStatus::CLIENT_HOLD), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2304, json[:code]
+
+    delete repp_v1_domain_status_path(domain_id: @invalid_domain.name, id: DomainStatus::FORCE_DELETE), headers: @auth_headers
+    json = JSON.parse(response.body, symbolize_names: true)
+    assert_response :bad_request
+    assert_equal 2306, json[:code]
+  end
+
+end