diff --git a/.github/integration/sda-s3-integration.yml b/.github/integration/sda-s3-integration.yml
index 7ff6d2ab6..bedb2577e 100644
--- a/.github/integration/sda-s3-integration.yml
+++ b/.github/integration/sda-s3-integration.yml
@@ -289,9 +289,8 @@ services:
       rabbitmq:
         condition: service_healthy
     environment:
-      - BROKER_PASSWORD=ingest
-      - BROKER_USER=ingest
-      - BROKER_ROUTINGKEY=ingest
+      - BROKER_PASSWORD=api
+      - BROKER_USER=api
       - DB_PASSWORD=api
       - DB_USER=api
     image: ghcr.io/neicnordic/sensitive-data-archive:PR${PR_NUMBER}
diff --git a/.github/integration/tests/sda/01_install_dependencies.sh b/.github/integration/tests/sda/01_install_dependencies.sh
new file mode 100644
index 000000000..9020696c1
--- /dev/null
+++ b/.github/integration/tests/sda/01_install_dependencies.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -e
+
+# install tools if missing
+for t in curl expect jq openssh-client postgresql-client xxd; do
+    if [ ! "$(command -v $t)" ]; then
+        if [ "$(id -u)" != 0 ]; then
+            echo "$t is missing, unable to install it"
+            exit 1
+        fi
+
+        apt-get -o DPkg::Lock::Timeout=60 update >/dev/null
+        apt-get -o DPkg::Lock::Timeout=60 install -y "$t" >/dev/null
+    fi
+done
diff --git a/.github/integration/tests/sda/09_healthchecks.sh b/.github/integration/tests/sda/09_healthchecks.sh
index f1dc369c8..c58c84c8e 100644
--- a/.github/integration/tests/sda/09_healthchecks.sh
+++ b/.github/integration/tests/sda/09_healthchecks.sh
@@ -1,20 +1,6 @@
 #!/bin/sh
 set -e
 
-# install tools if missing
-for t in curl  jq ; do
-    if [ ! "$(command -v $t)" ]; then
-        if [ "$(id -u)" != 0 ]; then
-            echo "$t is missing, unable to install it"
-            exit 1
-        fi
-
-        apt-get -o DPkg::Lock::Timeout=60 update >/dev/null
-        apt-get -o DPkg::Lock::Timeout=60 install -y "$t" >/dev/null
-    fi
-done
-
-
 # Test the s3inbox's healthchecks, GET /health and HEAD /
 response="$(curl -s -k -LI "http://s3inbox:8000" -o /dev/null -w "%{http_code}\n")"
 if [ "$response" != "200" ]; then
diff --git a/.github/integration/tests/sda/10_upload_test.sh b/.github/integration/tests/sda/10_upload_test.sh
index 266f73c7b..b3b837f0a 100644
--- a/.github/integration/tests/sda/10_upload_test.sh
+++ b/.github/integration/tests/sda/10_upload_test.sh
@@ -6,19 +6,6 @@ if [ -z "$STORAGETYPE" ]; then
     exit 1
 fi
 
-# install tools if missing
-for t in curl expect jq openssh-client postgresql-client; do
-    if [ ! "$(command -v $t)" ]; then
-        if [ "$(id -u)" != 0 ]; then
-            echo "$t is missing, unable to install it"
-            exit 1
-        fi
-
-        apt-get -o DPkg::Lock::Timeout=60 update >/dev/null
-        apt-get -o DPkg::Lock::Timeout=60 install -y "$t" >/dev/null
-    fi
-done
-
 cd shared || true
 
 ## verify that messages exists in MQ
diff --git a/.github/integration/tests/sda/11_api-getfiles_test.sh b/.github/integration/tests/sda/11_api-getfiles_test.sh
index fb168da50..a99bb9eaa 100644
--- a/.github/integration/tests/sda/11_api-getfiles_test.sh
+++ b/.github/integration/tests/sda/11_api-getfiles_test.sh
@@ -3,11 +3,39 @@ set -e
 
 # Test the API files endpoint
 token="$(curl http://oidc:8080/tokens | jq -r '.[0]')"
-curl -k -L "http://api:8080/files" -H "Authorization: Bearer $token"
-response="$(curl -k -L "http://api:8080/files" -H "Authorization: Bearer $token" | jq -r 'sort_by(.inboxPath)|.[-1].fileStatus')"
+response="$(curl -s -k -L "http://api:8080/files" -H "Authorization: Bearer $token" | jq -r 'sort_by(.inboxPath)|.[-1].fileStatus')"
 if [ "$response" != "uploaded" ]; then
 	echo "API returned incorrect value, expected ready got: $response"
 	exit 1
 fi
 
+# test inserting a c4gh public key hash
+payload=$(
+	jq -c -n \
+		--arg description "this is the key description" \
+		--arg pubkey "$( base64 -w0 /shared/c4gh.pub.pem)" \
+		'$ARGS.named'
+)
+
+resp="$(curl -s -k -L -o /dev/null -w "%{http_code}\n" -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$payload" "http://api:8080/c4gh-keys/add")"
+if [ "$resp" != "200" ]; then
+	echo "Error when adding a public key hash, expected 200 got: $resp"
+	exit 1
+fi
+
+# again to verify we get an error
+resp="$(curl -s -k -L  -o /dev/null -w "%{http_code}\n" -H "Authorization: Bearer $token" -H "Content-Type: application/json" -X POST -d "$payload" "http://api:8080/c4gh-keys/add")"
+if [ "$resp" != "409" ]; then
+	echo "Error when adding a public key hash, expected 409 got: $resp"
+	exit 1
+fi
+
+manual_hash=$(sed -n '2p' /shared/c4gh.pub.pem | base64 -d -w0 | xxd -c64 -ps)
+
+db_hash=$(psql -U postgres -h postgres -d sda -At -c "SELECT key_hash FROM sda.encryption_keys WHERE description = 'this is the key description';")
+if [ "$db_hash" != "$manual_hash" ]; then
+	echo "wrong hash in the database, expected $manual_hash got $db_hash"
+	exit 1
+fi
+
 echo "api test completed successfully"