diff --git a/test/scenarios/default.py b/test/scenarios/default.py
index 0d6c4c3..8d942d3 100644
--- a/test/scenarios/default.py
+++ b/test/scenarios/default.py
@@ -7,6 +7,15 @@ succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')
 assert_running("bitcoind")
 machine.wait_until_succeeds("bitcoin-cli getnetworkinfo")
 assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' | jq", '"version"')
+# Test RPC Whitelist
+machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")
+# Restating rpcuser & rpcpassword overrides privileged credentials
+machine.fail(
+    "bitcoin-cli -rpcuser=publicrpc -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"
+)
+machine.wait_until_succeeds(
+    log_has_string("bitcoind", "RPC User publicrpc not allowed to call method help")
+)
 
 assert_running("electrs")
 machine.wait_for_open_port(4224)  # prometeus metrics provider
diff --git a/test/scenarios/withnetns.py b/test/scenarios/withnetns.py
index d07480b..c79162d 100644
--- a/test/scenarios/withnetns.py
+++ b/test/scenarios/withnetns.py
@@ -19,6 +19,15 @@ succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')
 assert_running("bitcoind")
 machine.wait_until_succeeds("bitcoin-cli getnetworkinfo")
 assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' | jq", '"version"')
+# Test RPC Whitelist
+machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")
+# Restating rpcuser & rpcpassword overrides privileged credentials
+machine.fail(
+    "bitcoin-cli -rpcuser=publicrpc -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"
+)
+machine.wait_until_succeeds(
+    log_has_string("bitcoind", "RPC User publicrpc not allowed to call method help")
+)
 
 assert_running("electrs")
 machine.wait_until_succeeds(