diff --git a/config/api.yml b/config/api.yml
index b7e6d9d6ff..febca2ac87 100644
--- a/config/api.yml
+++ b/config/api.yml
@@ -4603,6 +4603,47 @@
         :identifier:
         - vm_snapshot_delete
         - sui_vm_snapshot_delete
+  :widget_sets:
+    :description: Dashboards
+    :identifier: miq_report_dashboard_editor
+    :options:
+    - :collection
+    :verbs: *gpppd
+    :klass: MiqWidgetSet
+    :collection_actions:
+      :get:
+      - :name: read
+        :identifier: miq_report_dashboard_editor
+      :post:
+      - :name: query
+        :identifier: miq_report_dashboard_editor
+      - :name: create
+        :identifier: db_new
+      - :name: edit
+        :identifier: db_edit
+      - :name: delete
+        :identifier: db_delete
+      :delete:
+      - :name: delete
+        :identifier: db_delete
+    :resource_actions:
+      :get:
+      - :name: read
+        :identifier: miq_report_dashboard_editor
+      :post:
+      - :name: edit
+        :identifier: db_edit
+      - :name: delete
+        :identifier: db_delete
+      :patch:
+      - :name: edit
+        :identifier: db_edit
+      :put:
+      - :name: edit
+        :identifier: db_edit
+      :delete:
+      - :name: delete
+        :identifier: db_delete
   :widgets:
     :description: Miq Widgets
     :identifier: miq_report_widget_admin
diff --git a/spec/requests/widget_sets_spec.rb b/spec/requests/widget_sets_spec.rb
new file mode 100644
index 0000000000..2b6102fc09
--- /dev/null
+++ b/spec/requests/widget_sets_spec.rb
@@ -0,0 +1,118 @@
+describe "Widget Sets API" do
+  let!(:miq_widget_set)       { FactoryBot.create(:miq_widget_set) }
+  let!(:miq_widget_set_other) { FactoryBot.create(:miq_widget_set) }
+  let(:widget_params) do
+    {
+      "name"        => "XXX",
+      "description" => "YYY",
+      "set_data"    => {"col1" => [7, 22, 20]}
+    }
+  end
+
+  context "GET" do
+    it "returns single" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :read, :get)
+
+      get(api_widget_set_url(nil, miq_widget_set))
+
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body['id'].to_i).to eq(miq_widget_set.id)
+    end
+
+    it "returns all widget sets" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :read, :get)
+
+      get(api_widget_sets_url)
+
+      expect(response).to have_http_status(:ok)
+      widget_sets_hrefs = response.parsed_body['resources'].map { |x| x['href'] }
+      all_widget_sets_hrefs = MiqWidgetSet.all.map { |ws| api_widget_set_url(nil, ws) }
+      expect(widget_sets_hrefs).to match_array(all_widget_sets_hrefs)
+    end
+
+    it "doesn't find widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :read, :get)
+
+      get(api_widget_set_url(nil, 999_999))
+
+      expect(response).to have_http_status(:not_found)
+    end
+
+    it "forbids action get for non-super-admin user" do
+      expect_forbidden_request do
+        get(api_widget_set_url(nil, miq_widget_set))
+      end
+    end
+  end
+
+  context "POST" do
+    it "creates widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :create, :post)
+
+      post api_widget_sets_url, :params => gen_request(:create, widget_params)
+
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body['results'][0].values_at(*widget_params.keys)).to match_array(widget_params.values)
+    end
+
+    it "updates widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :edit, :post)
+
+      post api_widget_set_url(nil, miq_widget_set), :params => gen_request(:edit, widget_params)
+
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body['id'].to_i).to eq(miq_widget_set.id)
+      expect(response.parsed_body.values_at(*widget_params.keys)).to match_array(widget_params.values)
+    end
+
+    it "deletes widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :delete, :post)
+      widget_set_id = miq_widget_set.id
+
+      post api_widget_set_url(nil, miq_widget_set), :params => gen_request(:delete, widget_params)
+      expect(response).to have_http_status(:ok)
+      expect(MiqWidgetSet.find_by(:id => widget_set_id)).to be_nil
+    end
+
+    it "forbids action for non-super-admin user" do
+      expect_forbidden_request do
+        post(api_widget_sets_url)
+      end
+    end
+  end
+
+  context "PUT" do
+    it "updates widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :edit, :post)
+
+      put api_widget_set_url(nil, miq_widget_set), :params => widget_params
+
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body['id'].to_i).to eq(miq_widget_set.id)
+      expect(response.parsed_body.values_at(*widget_params.keys)).to match_array(widget_params.values)
+    end
+
+    it "forbids action for non-super-admin user" do
+      expect_forbidden_request do
+        put(api_widget_set_url(nil, miq_widget_set))
+      end
+    end
+  end
+
+  context "DELETE" do
+    it "deletes widget set" do
+      api_basic_authorize collection_action_identifier(:widget_sets, :delete, :post)
+      widget_set_id = miq_widget_set.id
+
+      delete api_widget_set_url(nil, miq_widget_set)
+      expect(response).to have_http_status(:no_content)
+      expect(MiqWidgetSet.find_by(:id => widget_set_id)).to be_nil
+    end
+
+    it "forbids action for non-super-admin user" do
+      expect_forbidden_request do
+        delete(api_widget_set_url(nil, miq_widget_set))
+      end
+    end
+  end
+end