diff --git a/src/test/java/de/ozgcloud/admin/security/JwtTestFactory.java b/src/test/java/de/ozgcloud/admin/security/JwtTestFactory.java
index 49c706189c0f436f66bb7af44444b19659672901..1638bd85506a31ede6d03292213d4fb6b031ee11 100644
--- a/src/test/java/de/ozgcloud/admin/security/JwtTestFactory.java
+++ b/src/test/java/de/ozgcloud/admin/security/JwtTestFactory.java
@@ -56,7 +56,7 @@ public class JwtTestFactory {
 	//	}
 
 	public static Jwt.Builder createBuilder() {
-		return Jwt.withTokenValue("AAAA").header("aa", "bb");
+		return Jwt.withTokenValue("token-value").header("header-key", "header-value").claim("claim-key", "claim-value");
 	}
 
 }
diff --git a/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationTest.java b/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationTest.java
index 2bd806c7195c83341aebed3e6bbe70d64561d1f7..0707f7712ad10737b023a7709aeac1565fd1bc02 100644
--- a/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationTest.java
+++ b/src/test/java/de/ozgcloud/admin/security/SecurityConfigurationTest.java
@@ -21,6 +21,7 @@
  */
 package de.ozgcloud.admin.security;
 
+import static de.ozgcloud.admin.security.SecurityConfiguration.*;
 import static java.util.Collections.*;
 import static org.assertj.core.api.Assertions.*;
 import static org.mockito.Mockito.*;
@@ -54,41 +55,41 @@ class SecurityConfigurationTest {
 	@Mock
 	private OAuth2Properties oAuth2Properties;
 
-	@BeforeEach
-	void mock() {
-		when(oAuth2Properties.getResource()).thenReturn(JwtTestFactory.AUTH_RESOURCE);
-	}
-
-	@DisplayName("get keycloak roles from claims")
+	@DisplayName("get keycloak roles from jwt")
 	@Nested
-	class TestGetKeycloakRolesFromClaims {
+	class TestGetKeycloakRolesFromJwt {
+
+		@BeforeEach
+		void mock() {
+			lenient().when(oAuth2Properties.getResource()).thenReturn(JwtTestFactory.AUTH_RESOURCE);
+		}
 
-		@DisplayName("should return empty if resource_access.admin.roles are missing")
+		@DisplayName("should return empty list if resource_access.admin.roles path is missing")
 		@ParameterizedTest
 		@MethodSource("getIncompleteJwt")
-		void shouldReturnEmptyIfResourceAccessAdminRolesAreMissing(Jwt incompleteJwt) {
-			var rolesList = securityConfiguration.getKeycloakRolesFromJwt(incompleteJwt);
+		void shouldReturnEmptyListIfResourceAccessAdminRolesPathIsMissing(Jwt incompleteJwt) {
+			var roleStrings = securityConfiguration.getKeycloakRolesFromJwt(incompleteJwt);
 
-			assertThat(rolesList).isEmpty();
+			assertThat(roleStrings).isEmpty();
 		}
 
 		private static Stream<Arguments> getIncompleteJwt() {
 			return Stream.of(JwtTestFactory.create(),
-							JwtTestFactory.createBuilder().claim("resource_access", Map.of()).build(),
-							JwtTestFactory.createBuilder().claim("resource_access", Map.of("admin", Map.of())).build(),
+							JwtTestFactory.createBuilder().claim(RESOURCE_ACCESS_KEY, Map.of()).build(),
+							JwtTestFactory.createBuilder().claim(RESOURCE_ACCESS_KEY, Map.of("admin", Map.of())).build(),
 							JwtTestFactory.createWithRoles(emptyList()).build())
 					.map(Arguments::of);
 		}
 
 		@DisplayName("should return resource_access.admin.roles list")
 		@Test
-		void shouldReturnEmptyIfResourceAccessAdminRolesList() {
+		void shouldReturnResourceAccessAdminRolesList() {
 			var expectedRoles = List.of(JwtTestFactory.ROLE_1, JwtTestFactory.ROLE_2, JwtTestFactory.ROLE_3);
-			var jwtWithClaims = JwtTestFactory.createWithRoles(expectedRoles).build();
+			var jwtWithRoles = JwtTestFactory.createWithRoles(expectedRoles).build();
 
-			var roles = securityConfiguration.getKeycloakRolesFromJwt(jwtWithClaims);
+			var roleStrings = securityConfiguration.getKeycloakRolesFromJwt(jwtWithRoles);
 
-			assertThat(roles).isEqualTo(expectedRoles);
+			assertThat(roleStrings).isEqualTo(expectedRoles);
 		}
 
 	}