diff --git a/_regroup/test-etapi/patch-note.http b/_regroup/test-etapi/patch-note.http
deleted file mode 100644
index 24b9251d2..000000000
--- a/_regroup/test-etapi/patch-note.http
+++ /dev/null
@@ -1,83 +0,0 @@
-POST {{triliumHost}}/etapi/create-note
-Authorization: {{authToken}}
-Content-Type: application/json
-
-{
-  "parentNoteId": "root",
-  "title": "Hello",
-  "type": "code",
-  "mime": "application/json",
-  "content": "{}"
-}
-
-> {% client.global.set("createdNoteId", response.body.note.noteId); %}
-
-###
-
-GET {{triliumHost}}/etapi/notes/{{createdNoteId}}
-Authorization: {{authToken}}
-
-> {%
-client.assert(response.status === 200);
-client.assert(response.body.title === 'Hello');
-client.assert(response.body.type === 'code');
-client.assert(response.body.mime === 'application/json');
-%}
-
-###
-
-PATCH {{triliumHost}}/etapi/notes/{{createdNoteId}}
-Authorization: {{authToken}}
-Content-Type: application/json
-
-{
-  "title": "Wassup",
-  "type": "html",
-  "mime": "text/html",
-  "dateCreated": "2023-08-21 23:38:51.123+0200",
-  "utcDateCreated": "2023-08-21 23:38:51.123Z"
-}
-
-###
-
-GET {{triliumHost}}/etapi/notes/{{createdNoteId}}
-Authorization: {{authToken}}
-
-> {%
-client.assert(response.status === 200);
-client.assert(response.body.title === 'Wassup');
-client.assert(response.body.type === 'html');
-client.assert(response.body.mime === 'text/html');
-client.assert(response.body.dateCreated == "2023-08-21 23:38:51.123+0200");
-client.assert(response.body.utcDateCreated == "2023-08-21 23:38:51.123Z");
-%}
-
-###
-
-PATCH {{triliumHost}}/etapi/notes/{{createdNoteId}}
-Authorization: {{authToken}}
-Content-Type: application/json
-
-{
-  "isProtected": true
-}
-
-> {%
-    client.assert(response.status === 400);
-    client.assert(response.body.code == "PROPERTY_NOT_ALLOWED");
-%}
-
-###
-
-PATCH {{triliumHost}}/etapi/notes/{{createdNoteId}}
-Authorization: {{authToken}}
-Content-Type: application/json
-
-{
-  "title": true
-}
-
-> {%
-    client.assert(response.status === 400);
-    client.assert(response.body.code == "PROPERTY_VALIDATION_ERROR");
-%}
diff --git a/apps/server/spec/etapi/patch-note.spec.ts b/apps/server/spec/etapi/patch-note.spec.ts
new file mode 100644
index 000000000..6b833a43c
--- /dev/null
+++ b/apps/server/spec/etapi/patch-note.spec.ts
@@ -0,0 +1,89 @@
+import { Application } from "express";
+import { beforeAll, describe, expect, it } from "vitest";
+import supertest from "supertest";
+import { login } from "./utils.js";
+import config from "../../src/services/config.js";
+
+let app: Application;
+let token: string;
+
+const USER = "etapi";
+let createdNoteId: string;
+
+describe("etapi/patch-note", () => {
+    beforeAll(async () => {
+        config.General.noAuthentication = false;
+        const buildApp = (await (import("../../src/app.js"))).default;
+        app = await buildApp();
+        token = await login(app);
+
+        const response = await supertest(app)
+            .post("/etapi/create-note")
+            .auth("etapi", token, { "type": "basic"})
+            .send({
+                "parentNoteId": "root",
+                "title": "Hello",
+                "type": "code",
+                "mime": "application/json",
+                "content": "{}"
+            })
+            .expect(201);
+
+        const createdNoteId = response.body.note.noteId as string;
+        expect(createdNoteId).toBeTruthy();
+    });
+
+    it("obtains correct note information", async () => {
+        expectNoteToMatch({
+            title: "Hello",
+            type: "code",
+            mime: "application/json"
+        });
+    });
+
+    it("patches type, mime and creation dates", async () => {
+        const changes = {
+            "title": "Wassup",
+            "type": "html",
+            "mime": "text/html",
+            "dateCreated": "2023-08-21 23:38:51.123+0200",
+            "utcDateCreated": "2023-08-21 23:38:51.123Z"
+        };
+        await supertest(app)
+            .patch(`/etapi/notes/${createdNoteId}`)
+            .auth("etapi", token, { "type": "basic"})
+            .send(changes)
+            .expect(200);
+        await expectNoteToMatch(changes);
+    });
+
+    it("refuses setting protection", async () => {
+        const response = await supertest(app)
+            .patch(`/etapi/notes/${createdNoteId}`)
+            .auth("etapi", token, { "type": "basic"})
+            .send({
+                isProtected: true
+            })
+            .expect(400);
+        expect(response.body.code).toStrictEqual("PROPERTY_NOT_ALLOWED");
+    });
+
+    it("refuses incorrect type", async () => {
+        const response = await supertest(app)
+            .patch(`/etapi/notes/${createdNoteId}`)
+            .auth("etapi", token, { "type": "basic"})
+            .send({
+                title: true
+            })
+            .expect(400);
+        expect(response.body.code).toStrictEqual("PROPERTY_VALIDATION_ERROR");
+    });
+
+    async function expectNoteToMatch(state: object) {
+        const response = await supertest(app)
+            .get(`/etapi/notes/${createdNoteId}`)
+            .auth("etapi", token, { "type": "basic"})
+            .expect(200);
+        expect(response.body).toMatchObject(state);
+    }
+});