diff --git a/api.planx.uk/modules/file/file.test.ts b/api.planx.uk/modules/file/file.test.ts
index 5364319cb8..4495281c63 100644
--- a/api.planx.uk/modules/file/file.test.ts
+++ b/api.planx.uk/modules/file/file.test.ts
@@ -43,23 +43,10 @@ describe("File upload", () => {
 
   describe("Private", () => {
     const ENDPOINT = "/file/private/upload";
-    const auth = authHeader({ role: "teamEditor" });
-
-    it("returns an error if authorization headers are not set", async () => {
-      await supertest(app)
-        .post("/flows/1/move/new-team")
-        .expect(401)
-        .then((res) => {
-          expect(res.body).toEqual({
-            error: "No authorization token was found",
-          });
-        });
-    });
 
     it("should not upload without filename", async () => {
       await supertest(app)
         .post(ENDPOINT)
-        .set(auth)
         .field("filename", "")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .expect(400)
@@ -73,7 +60,6 @@ describe("File upload", () => {
     it("should not upload without file", async () => {
       await supertest(app)
         .post(ENDPOINT)
-        .set(auth)
         .field("filename", "some filename")
         .expect(500)
         .then((res) => {
@@ -85,7 +71,6 @@ describe("File upload", () => {
     it("should upload file", async () => {
       await supertest(app)
         .post(ENDPOINT)
-        .set(auth)
         .field("filename", "some_file.txt")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .then((res) => {
@@ -107,7 +92,6 @@ describe("File upload", () => {
 
       await supertest(app)
         .post("/file/private/upload")
-        .set(auth)
         .field("filename", "some_file.txt")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .expect(500)
@@ -121,9 +105,23 @@ describe("File upload", () => {
   describe("Public", () => {
     const ENDPOINT = "/file/public/upload";
 
+    const auth = authHeader({ role: "teamEditor" });
+
+    it("returns an error if authorization headers are not set", async () => {
+      await supertest(app)
+        .post("/flows/1/move/new-team")
+        .expect(401)
+        .then((res) => {
+          expect(res.body).toEqual({
+            error: "No authorization token was found",
+          });
+        });
+    });
+
     it("should not upload without filename", async () => {
       await supertest(app)
         .post(ENDPOINT)
+        .set(auth)
         .field("filename", "")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .expect(400)
@@ -137,6 +135,7 @@ describe("File upload", () => {
     it("should not upload without file", async () => {
       await supertest(app)
         .post(ENDPOINT)
+        .set(auth)
         .field("filename", "some filename")
         .expect(500)
         .then((res) => {
@@ -148,6 +147,7 @@ describe("File upload", () => {
     it("should upload file", async () => {
       await supertest(app)
         .post(ENDPOINT)
+        .set(auth)
         .field("filename", "some_file.txt")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .then((res) => {
@@ -169,6 +169,7 @@ describe("File upload", () => {
 
       await supertest(app)
         .post(ENDPOINT)
+        .set(auth)
         .field("filename", "some_file.txt")
         .attach("file", Buffer.from("some data"), "some_file.txt")
         .expect(500)