diff --git a/tests/admin/test_admin_users.py b/tests/admin/test_admin_users.py
index 152442f48..1f0060eea 100644
--- a/tests/admin/test_admin_users.py
+++ b/tests/admin/test_admin_users.py
@@ -99,6 +99,34 @@ def test_delete_user(db_session, awg_users, cloud_manager):
     assert user_groups == []
 
 
+def test_soft_delete_user(db_session, awg_users):
+    """
+    Tests adm.soft_delete_user() by querying an existing User,
+    asserting it is not inactive, and then checking it became inactive
+    after it was soft-deleted.
+    """
+    username = "awg_user"
+    user = db_session.query(User).filter(User.username == username).first()
+    assert user != None
+    assert user.username == username
+    assert user.active is None
+    adm.soft_delete_user(db_session, username)
+    user = db_session.query(User).filter(User.username == username).first()
+    assert user != None
+    assert user.username == username
+    # soft-deleted user should have "active" explicitly set to False now:
+    assert user.active == False
+
+
+def test_soft_delete_user_not_found(db_session, awg_users):
+    """
+    Check that adm.soft_delete_user() fails with NotFound
+    when called for a username that is not found in db.
+    """
+    with pytest.raises(NotFound, match="user non_existing_user not found"):
+        adm.soft_delete_user(db_session, "non_existing_user")
+
+
 def test_update_user_without_conflict(db_session, awg_users, oauth_client):
     user = db_session.query(User).filter(User.username == "awg_user").first()
     assert user != None
diff --git a/tests/admin/test_admin_users_endpoints.py b/tests/admin/test_admin_users_endpoints.py
index f8ee5dedf..b3e601f87 100644
--- a/tests/admin/test_admin_users_endpoints.py
+++ b/tests/admin/test_admin_users_endpoints.py
@@ -691,6 +691,52 @@ def assert_google_proxy_group_data_deleted(db_session):
     assert len(gbag) == 1
 
 
+def test_soft_delete_user_username(
+    client,
+    encoded_admin_jwt,
+    db_session,
+    load_non_google_user_data,
+):
+    """
+    Test soft-delete user endpoint by checking that the result is an
+    deactivated user.
+    """
+    username = "test_user_d"
+    user = db_session.query(User).filter_by(username=username).one()
+    assert user.username == username
+    assert user.active is None
+    # now soft-delete and assert "active" changed to False:
+    r = client.delete(
+        f"/admin/users/{username}/soft",
+        headers={"Authorization": "Bearer " + encoded_admin_jwt},
+    )
+    assert r.status_code == 200
+    assert r.json["username"] == username
+    assert r.json["active"] == False
+    user = db_session.query(User).filter_by(username=username).one()
+    assert user.username == username
+    assert user.active == False
+
+
+def test_soft_delete_user_user_not_found(
+    client,
+    encoded_admin_jwt,
+    db_session,
+):
+    """
+    Test soft-delete user endpoint returns error when user is not found.
+    """
+    username = "non_existing_user"
+    user = db_session.query(User).filter_by(username=username).first()
+    assert user is None
+    # now call soft-delete and assert it fails:
+    r = client.delete(
+        f"/admin/users/{username}/soft",
+        headers={"Authorization": "Bearer " + encoded_admin_jwt},
+    )
+    assert r.status_code == 404
+
+
 def test_delete_user_username(
     app,
     client,