diff --git a/tests/Acceptance/SecurityLayerTest.php b/tests/Acceptance/SecurityLayerTest.php
index b0dd50cf..e54d6933 100644
--- a/tests/Acceptance/SecurityLayerTest.php
+++ b/tests/Acceptance/SecurityLayerTest.php
@@ -95,6 +95,40 @@ public function testAuthenticatedUserRolesRequest(): void
 $this->assertSame('These are the roles I have currently assigned: ROLE_OAUTH2_FANCY, ROLE_USER', $response->getContent());
 }
 
+ public function testSuccessfulAuthorizationForAuthenticatedUserRequest(): void
+ {
+ $accessToken = $this->client
+ ->getContainer()
+ ->get(AccessTokenManagerInterface::class)
+ ->find(FixtureFactory::FIXTURE_ACCESS_TOKEN_USER_BOUND_WITH_SCOPES);
+
+ $this->client->request('GET', '/security-test-authorization', [], [], [
+ 'HTTP_AUTHORIZATION' => sprintf('Bearer %s', TestHelper::generateJwtToken($accessToken)),
+ ]);
+
+ $response = $this->client->getResponse();
+
+ $this->assertSame(200, $response->getStatusCode());
+ $this->assertSame('access granted', $response->getContent());
+ }
+
+ public function testUnsuccessfulAuthorizationForAuthenticatedUserRequest(): void
+ {
+ $accessToken = $this->client
+ ->getContainer()
+ ->get(AccessTokenManagerInterface::class)
+ ->find(FixtureFactory::FIXTURE_ACCESS_TOKEN_USER_BOUND);
+
+ $this->client->request('GET', '/security-test-authorization', [], [], [
+ 'HTTP_AUTHORIZATION' => sprintf('Bearer %s', TestHelper::generateJwtToken($accessToken)),
+ ]);
+
+ $response = $this->client->getResponse();
+
+ $this->assertSame(403, $response->getStatusCode());
+ $this->assertNotSame('access granted', $response->getContent());
+ }
+
 public function testExpiredRequest(): void
 {
 $accessToken = $this->client
diff --git a/tests/Fixtures/SecurityTestController.php b/tests/Fixtures/SecurityTestController.php
index 708f43cf..47d8dd1d 100644
--- a/tests/Fixtures/SecurityTestController.php
+++ b/tests/Fixtures/SecurityTestController.php
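Review bot: The negative case at the end of the hunk, testUnsuccessfulAuthorizationForAuthenticatedUserRequest, separates its outcome from the positive case only by the fixture name (FIXTURE_ACCESS_TOKEN_USER_BOUND versus FIXTURE_ACCESS_TOKEN_USER_BOUND_WITH_SCOPES); nothing in the test says that the former carries no 'fancy' scope, so a later fixture change could make it pass for the wrong reason. A comment above that find() call, `// token without the 'fancy' scope: ROLE_OAUTH2_FANCY must not be granted, expect 403`, would pin the assumption — I infer the scope-to-role mapping from the expected roles string in the context lines, so confirm before wording it. The 403 assertion is what distinguishes "authenticated but not authorized" from a rejected token; a companion request to /security-test-authorization with no Authorization header, asserting the status the security layer returns for unauthenticated callers, would close that boundary, unless an existing test outside this hunk already covers it. Both new methods repeat the same token lookup and request boilerplate; a private helper such as `private function requestAuthorizationWith(string $fixture): Response` would reduce each test to its assertions.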
@@ -48,4 +48,11 @@ public function rolesAction(): Response
 )
 );
 }
+
+ public function authorizationAction(): Response
+ {
+ $this->denyAccessUnlessGranted('ROLE_OAUTH2_FANCY');
+
+ return new Response('access granted');
+ }
 }
diff --git a/tests/Fixtures/routes.php b/tests/Fixtures/routes.php
index 00f9cb75..2e4d7679 100644
--- a/tests/Fixtures/routes.php
+++ b/tests/Fixtures/routes.php
@@ -23,5 +23,8 @@
 ->defaults([
 'oauth2_scopes' => ['fancy'],
 ])
+
+ ->add('security_test_authorization', '/security-test-authorization')
+ ->controller([SecurityTestController::class, 'authorizationAction'])
 ;
 };
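Review bot: authorizationAction hard-codes the role string 'ROLE_OAUTH2_FANCY', the same literal the acceptance test spells out in its expected roles output, so a typo on either side would weaken the guard rather than fail loudly. A `private const REQUIRED_ROLE = 'ROLE_OAUTH2_FANCY';` on this fixture controller with `$this->denyAccessUnlessGranted(self::REQUIRED_ROLE);` keeps the one string in one place. The method also has no docblock; a short one should state that it backs /security-test-authorization and exists to exercise a role check applied after authentication, answering 403 when the role is absent — the 403 is what SecurityLayerTest asserts in this commit, while how an unauthenticated request reaches this action is not visible in the diff and should not be documented here without checking.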
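Review bot: The new route carries no `oauth2_scopes` default, unlike the route directly above it, and nothing in the file records whether that omission is deliberate. If the intent is that this endpoint exercises role-based denial inside the controller rather than scope enforcement at the routing or firewall level, a comment on the `->add(...)` line would save the next reader from "fixing" it: `// no oauth2_scopes default on purpose: authorization is checked in SecurityTestController::authorizationAction`. I am inferring that intent from the controller hunk in this same commit, so confirm it before wording the comment.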