Feature: Access control In order to control we gets access to what and where, as a customer, I want to assign users roles and give them access to specific sites Scenario: Got some roles Given the associate has some roles assigned to them When they sign in Then the roles should be on the access token Scenario: No access to site Given the associate does not have access to the site When they try to sign in Then they are informed that the can't sign in # todo: figure out if the service tells us that And the reason why Scenario: Forbidden for any reason Given the associate does not have access for some reason When they try to sign in Then they are informed that the can't sign in