diff --git a/monkey/tests/monkey_island/stub_propagation_credentials_repository.py b/monkey/tests/monkey_island/stub_propagation_credentials_repository.py
index 237d28b85..ccf72a9ec 100644
--- a/monkey/tests/monkey_island/stub_propagation_credentials_repository.py
+++ b/monkey/tests/monkey_island/stub_propagation_credentials_repository.py
@@ -25,7 +25,10 @@ class StubPropagationCredentialsRepository(ICredentialsRepository):
         pass
 
     def get_stolen_credentials(self) -> Sequence[Credentials]:
-        pass
+        return [
+            Credentials.from_mapping(PROPAGATION_CREDENTIALS_1, monkey_guid="some_guid"),
+            Credentials.from_mapping(PROPAGATION_CREDENTIALS_2, monkey_guid="second_guid"),
+        ]
 
     def get_all_credentials(self) -> Sequence[Credentials]:
 
diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/__init__.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/conftest.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/conftest.py
new file mode 100644
index 000000000..ab1bee2af
--- /dev/null
+++ b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/conftest.py
@@ -0,0 +1,15 @@
+import pytest
+from tests.common import StubDIContainer
+from tests.monkey_island import StubPropagationCredentialsRepository
+
+from monkey_island.cc.repository import ICredentialsRepository
+
+
+@pytest.fixture
+def flask_client(build_flask_client):
+    container = StubDIContainer()
+
+    container.register(ICredentialsRepository, StubPropagationCredentialsRepository)
+
+    with build_flask_client(container) as flask_client:
+        yield flask_client
diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py
new file mode 100644
index 000000000..03d6a2414
--- /dev/null
+++ b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py
@@ -0,0 +1,43 @@
+import json
+
+from tests.monkey_island import PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2
+from tests.unit_tests.monkey_island.conftest import get_url_for_resource
+
+from monkey_island.cc.resources.credentials.configured_propagation_credentials import (
+    ConfiguredPropagationCredentials,
+)
+from monkey_island.cc.resources.credentials.stolen_propagation_credentials import (
+    StolenPropagationCredentials,
+)
+
+
+def test_configured_propagation_credentials_endpoint_get(flask_client):
+    configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
+
+    resp = flask_client.get(configured_propagation_credentials_url)
+
+    assert resp.status_code == 200
+    actual_propagation_credentials = json.loads(resp.data)
+    assert len(actual_propagation_credentials) == 2
+
+    # TODO: delete the removal of monkey_guid key when the serialization of credentials
+    del actual_propagation_credentials[0]["monkey_guid"]
+    assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1
+    del actual_propagation_credentials[1]["monkey_guid"]
+    assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
+
+
+def test_configured_propagation_credentials_endpoint_post(flask_client):
+    configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
+
+    resp = flask_client.post(configured_propagation_credentials_url, json=PROPAGATION_CREDENTIALS_1)
+
+    assert resp.status_code == 204
+
+
+def test_configured_propagation_credentials_endpoint_delete(flask_client):
+    configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
+
+    resp = flask_client.delete(configured_propagation_credentials_url)
+
+    assert resp.status_code == 204
diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/test_propagation_credentials.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py
similarity index 100%
rename from monkey/tests/unit_tests/monkey_island/cc/resources/test_propagation_credentials.py
rename to monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py
diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_stolen_propagation_credentials.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_stolen_propagation_credentials.py
new file mode 100644
index 000000000..75976fb1d
--- /dev/null
+++ b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_stolen_propagation_credentials.py
@@ -0,0 +1,40 @@
+import json
+
+from tests.monkey_island import PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2
+from tests.unit_tests.monkey_island.conftest import get_url_for_resource
+
+from monkey_island.cc.resources.credentials.stolen_propagation_credentials import (
+    StolenPropagationCredentials,
+)
+
+
+def test_stolen_propagation_credentials_endpoint_get(flask_client):
+    stolen_propagation_credentials_url = get_url_for_resource(StolenPropagationCredentials)
+
+    resp = flask_client.get(stolen_propagation_credentials_url)
+
+    assert resp.status_code == 200
+    actual_propagation_credentials = json.loads(resp.data)
+    assert len(actual_propagation_credentials) == 2
+
+    # TODO: delete the removal of monkey_guid key when the serialization of credentials
+    del actual_propagation_credentials[0]["monkey_guid"]
+    assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1
+    del actual_propagation_credentials[1]["monkey_guid"]
+    assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
+
+
+def test_stolen_propagation_credentials_endpoint_post(flask_client):
+    stolen_propagation_credentials_url = get_url_for_resource(StolenPropagationCredentials)
+
+    resp = flask_client.post(stolen_propagation_credentials_url, json=PROPAGATION_CREDENTIALS_1)
+
+    assert resp.status_code == 204
+
+
+def test_stolen_propagation_credentials_endpoint_delete(flask_client):
+    stolen_propagation_credentials_url = get_url_for_resource(StolenPropagationCredentials)
+
+    resp = flask_client.delete(stolen_propagation_credentials_url)
+
+    assert resp.status_code == 204