diff --git a/tests/post/features/salt_api.feature b/tests/post/features/salt_api.feature
index 4733b650bb..efe1241d7d 100644
--- a/tests/post/features/salt_api.feature
+++ b/tests/post/features/salt_api.feature
@@ -3,7 +3,8 @@ Feature: SaltAPI
     Scenario: Login to SaltAPI using Basic auth
         Given the Kubernetes API is available
         When we login to SaltAPI as 'admin' using password 'admin'
-        Then we can ping all minions
+        Then authentication succeeds
+        And we can ping all minions
         And we can invoke '[".*"]' on '*'
         And we have '@wheel' perms
         And we have '@runner' perms
@@ -12,7 +13,8 @@ Feature: SaltAPI
     Scenario: Login to SaltAPI using the storage-operator ServiceAccount
         Given the Kubernetes API is available
         When we login to SaltAPI with the ServiceAccount 'kube-system/storage-operator'
-        Then we can invoke '["disk.dump", {"state.sls": {"kwargs": {"mods": r"metalk8s\.volumes.*"}}}]' on '*'
+        Then authentication succeeds
+        And we can invoke '["disk.dump", {"state.sls": {"kwargs": {"mods": r"metalk8s\.volumes.*"}}}]' on '*'
         And we have '@jobs' perms
         And we can not ping all minions
         And we can not run state 'test.nop' on '*'
@@ -20,7 +22,8 @@ Feature: SaltAPI
     Scenario: Login to SaltAPI using any ServiceAccount
         Given the Kubernetes API is available
         When we login to SaltAPI with the ServiceAccount 'kube-system/default'
-        Then we have no permissions
+        Then authentication succeeds
+        And we have no permissions
 
     Scenario: SaltAPI impersonation using a ServiceAccount
         Given the Kubernetes API is available
diff --git a/tests/post/steps/test_salt_api.py b/tests/post/steps/test_salt_api.py
index 0ae7b288ab..00d4a2c00b 100644
--- a/tests/post/steps/test_salt_api.py
+++ b/tests/post/steps/test_salt_api.py
@@ -146,6 +146,12 @@ def run_state_on_targets(host, context, negated, module, targets):
 def authentication_fails(host, context):
     assert context['salt-api']['login-status-code'] == 401
 
+
+@then('authentication succeeds')
+def authentication_succeeds(host, context):
+    assert context['salt-api']['login-status-code'] == 200
+
+
 @then(parsers.parse("we can invoke '{modules}' on '{targets}'"))
 def invoke_module_on_target(host, context, modules, targets):
     assert {targets: ast.literal_eval(modules)} in context['salt-api']['perms']