diff --git a/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java b/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
index 6dc441a99405a210102c13addfcb6f1cc37034a8..867e089c3b1734dfb254761b91df207d171c72b9 100644
--- a/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
+++ b/roles/keycloak/files/providers/keycloak-mailpass-rest/src/integrationTest/java/org/archlinux/keycloak/mailpass/rest/MailPassResourceIntegrationTest.java
@@ -1,27 +1,57 @@
 package org.archlinux.keycloak.mailpass.rest;
 
 import com.palantir.docker.compose.DockerComposeRule;
+import com.palantir.docker.compose.connection.waiting.HealthChecks;
 
+import org.junit.BeforeClass;
 import org.junit.ClassRule;
 import org.junit.Test;
 
+import io.restassured.http.ContentType;
 import io.restassured.response.Response;
 
 import static io.restassured.RestAssured.given;
-import static io.restassured.RestAssured.post;
 import static org.junit.Assert.assertEquals;
 
+import java.text.MessageFormat;
+
 public class MailPassResourceIntegrationTest {
-  private final static String ROOT_URI = "http://localhost:8080/auth/realms/master/mailpass/roleauth";
+  private final static String ROOT_URI = "http://localhost:{0,number,#}/auth/realms/master/mailpass/roleauth";
+  private final static String TOKEN_GEN_URI = "http://localhost:{0,number,#}/auth/realms/master/protocol/openid-connect/token";
+
+  private static String token;
+  private static int port;
 
   @ClassRule
   public static DockerComposeRule docker = DockerComposeRule.builder()
-      .file("src/integrationTest/resources/docker-compose.yml").build();
+      .file("src/integrationTest/resources/docker-compose.yml").waitingForService("keycloak", HealthChecks
+          .toRespondOverHttp(8080, (port) -> port.inFormat("http://$HOST:$EXTERNAL_PORT/auth/realms/master")))
+      .build();
+
+  @BeforeClass
+  public static void setup() {
+    port = docker.containers().container("keycloak").port(8080).getExternalPort();
+
+    Response response = given().accept(ContentType.JSON).contentType(ContentType.URLENC)
+        .body("grant_type=password&username=admin&password=admin&client_id=admin-cli")
+        .post(MessageFormat.format(TOKEN_GEN_URI, port));
+
+    token = response.jsonPath().getString("access_token");
+  }
 
   @Test
-  public void testNonAuthenticatedAccess() {
-    Response response = post(ROOT_URI + "/compute-password-hash");
+  public void testNonAuthenticatedAccessReturns401() {
+    Response response = given().contentType(ContentType.JSON).body("{ \"password\": \"password\" }").when()
+        .post(MessageFormat.format(ROOT_URI, port) + "/compute-password-hash");
     assertEquals(401, response.getStatusCode());
   }
 
+  @Test
+  public void testAuthenticatedAccessReturns200() {
+    Response response = given().header("Authorization", "Bearer " + token).contentType(ContentType.JSON)
+        .body("{ \"password\": \"password\" }").when()
+        .post(MessageFormat.format(ROOT_URI, port) + "/compute-password-hash");
+    assertEquals(201, response.getStatusCode());
+  }
+
 }