diff --git a/test/api/v3/integration/tasks/challenges/DELETE-tasks_id_challenge_challengeId.test.js b/test/api/v3/integration/tasks/challenges/DELETE-tasks_id_challenge_challengeId.test.js
new file mode 100644
index 0000000000..52f257be9b
--- /dev/null
+++ b/test/api/v3/integration/tasks/challenges/DELETE-tasks_id_challenge_challengeId.test.js
@@ -0,0 +1,114 @@
+import {
+  generateUser,
+  generateGroup,
+  generateChallenge,
+  sleep,
+  translate as t,
+} from '../../../../../helpers/api-integration/v3';
+import { v4 as generateUUID } from 'uuid';
+
+describe('DELETE /tasks/:id', () => {
+  let user;
+  let guild;
+  let challenge;
+  let task;
+
+  before(async () => {
+    user = await generateUser();
+    guild = await generateGroup(user);
+    challenge = await generateChallenge(user, guild);
+  });
+
+  beforeEach(async () => {
+    task = await user.post(`/tasks/challenge/${challenge._id}`, {
+      text: 'test habit',
+      type: 'habit',
+    });
+  });
+
+  it('cannot delete a non-existant task', async () => {
+    await expect(user.del(`/tasks/${generateUUID()}`)).to.eventually.be.rejected.and.eql({
+      code: 404,
+      error: 'NotFound',
+      message: t('taskNotFound'),
+    });
+  });
+
+  it('returns error when user is not leader of the challenge', async () => {
+    let anotherUser = await generateUser();
+
+    await expect(anotherUser.del(`/tasks/${task._id}`)).to.eventually.be.rejected.and.eql({
+      code: 401,
+      error: 'NotAuthorized',
+      message: t('onlyChalLeaderEditTasks'),
+    });
+  });
+
+  it('deletes a user\'s task', async () => {
+    await user.del(`/tasks/${task._id}`);
+
+    await expect(user.get(`/tasks/${task._id}`)).to.eventually.be.rejected.and.eql({
+      code: 404,
+      error: 'NotFound',
+      message: t('taskNotFound'),
+    });
+  });
+
+  context('challenge member', () => {
+    let anotherUser;
+    let anotherUsersNewChallengeTaskID;
+    let newChallengeTask;
+
+    beforeEach(async () => {
+      anotherUser = await generateUser();
+      await user.post(`/groups/${guild._id}/invite`, { uuids: [anotherUser._id] });
+      await anotherUser.post(`/groups/${guild._id}/join`);
+      await anotherUser.post(`/challenges/${challenge._id}/join`);
+
+      newChallengeTask = await user.post(`/tasks/challenge/${challenge._id}`, {
+        text: 'test habit',
+        type: 'habit',
+      });
+
+      let anotherUserWithNewChallengeTask = await anotherUser.get('/user');
+      anotherUsersNewChallengeTaskID = anotherUserWithNewChallengeTask.tasksOrder.habits[0];
+    });
+
+    it('returns error when user attempts to delete an active challenge task', async () => {
+      await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`))
+        .to.eventually.be.rejected.and.eql({
+          code: 401,
+          error: 'NotAuthorized',
+          message: t('cantDeleteChallengeTasks'),
+        });
+    });
+
+    it('allows user to delete challenge task after user leaves challenge', async () => {
+      await anotherUser.post(`/challenges/${challenge._id}/leave`);
+
+      await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`));
+
+      await expect(anotherUser.get(`/tasks/${task._id}`)).to.eventually.be.rejected.and.eql({
+        code: 404,
+        error: 'NotFound',
+        message: t('taskNotFound'),
+      });
+    });
+
+    it('allows user to delete challenge task after challenge task is broken', async () => {
+      await expect(user.del(`/tasks/${newChallengeTask._id}`));
+
+      await sleep(0.5);
+
+      await expect(anotherUser.del(`/tasks/${anotherUsersNewChallengeTaskID}`));
+
+      await sleep(0.5);
+
+      await expect(anotherUser.get(`/tasks/${anotherUsersNewChallengeTaskID}`)).to.eventually.be.rejected.and.eql({
+        code: 404,
+        error: 'NotFound',
+        message: t('taskNotFound'),
+      });
+    });
+  });
+});
diff --git a/website/src/controllers/api-v3/tasks.js b/website/src/controllers/api-v3/tasks.js
index 2218aa2e76..8fb0d3b5d4 100644
--- a/website/src/controllers/api-v3/tasks.js
+++ b/website/src/controllers/api-v3/tasks.js
@@ -909,12 +909,12 @@ api.deleteTask = {
     if (!task) {
       throw new NotFound(res.t('taskNotFound'));
     } else if (!task.userId) { // If the task belongs to a challenge make sure the user has rights
-      challenge = await Challenge.find().selec({_id: task.challenge.id}).select('leader').exec();
+      challenge = await Challenge.findOne({_id: task.challenge.id}).exec();
       if (!challenge) throw new NotFound(res.t('challengeNotFound'));
       if (challenge.leader !== user._id) throw new NotAuthorized(res.t('onlyChalLeaderEditTasks'));
     } else if (task.userId !== user._id) { // If the task is owned by an user make it's the current one
       throw new NotFound(res.t('taskNotFound'));
-    } else if (task.userId && task.challenge.id) {
+    } else if (task.userId && task.challenge.id && !task.challenge.broken) {
       throw new NotAuthorized(res.t('cantDeleteChallengeTasks'));
     }