diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 60e6ea8..bb71d22 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,31 +1,38 @@
 name: Build
 
 on:
-    push: ~
+    push:
+        branches-ignore:
+            - 'dependabot/**'
     pull_request: ~
     release:
         types: [created]
     schedule:
         -
             cron: "0 1 * * 6" # Run at 1am every Saturday
+    workflow_dispatch: ~
 
 jobs:
     tests:
-        runs-on: ubuntu-latest
+        runs-on: ubuntu-18.04
 
-        name: "PHP ${{ matrix.php }}, MySQL ${{ matrix.mysql }}"
+        name: "Sylius ${{ matrix.sylius }}, PHP ${{ matrix.php }}, Symfony ${{ matrix.symfony }}, MySQL ${{ matrix.mysql }}"
 
         strategy:
             fail-fast: false
             matrix:
-                php: [7.4, 7.3]
-                node: [10.x]
-                mysql: [5.7, 8.0]
+                php: ["8.0", "7.4"]
+                symfony: ["^4.4", "^5.2"]
+                sylius: ["~1.9.0", "~1.10.0"]
+                node: ["10.x"]
+                mysql: ["8.0"]
 
                 exclude:
-                    - # PHP 7.3 does not support "caching_sha2_password" authentication plugin which is a default one in MySQL 8.0
-                        php: 7.3
-                        mysql: 8.0
+                    - sylius: ~1.9.0
+                      php: 8.0
+
+                    - sylius: ~1.10.0
+                      symfony: 4.4
 
         env:
             APP_ENV: test
@@ -61,6 +68,14 @@ jobs:
                     mysql version: "${{ matrix.mysql }}"
                     mysql root password: "root"
 
+            -
+                name: Configure sysctl limits
+                run: |
+                    sudo swapoff -a
+                    sudo sysctl -w vm.swappiness=1
+                    sudo sysctl -w fs.file-max=262144
+                    sudo sysctl -w vm.max_map_count=262144
+
             -
                 name: Output PHP version for Symfony CLI
                 run: php -v | head -n 1 | awk '{ print $2 }' > .php-version
@@ -90,9 +105,22 @@ jobs:
                     key: ${{ runner.os }}-php-${{ matrix.php }}-composer-${{ hashFiles('**/composer.json **/composer.lock') }}
                     restore-keys: |
                         ${{ runner.os }}-php-${{ matrix.php }}-composer-
+
+            -
+                name: Restrict Symfony version
+                if: matrix.symfony != ''
+                run: |
+                    composer global require --no-progress --no-scripts --no-plugins "symfony/flex:^1.10"
+                    composer config extra.symfony.require "${{ matrix.symfony }}"
+
+            -
+                name: Restrict Sylius version
+                if: matrix.sylius != ''
+                run: composer require "sylius/sylius:${{ matrix.sylius }}" --no-update --no-scripts --no-interaction
+
             -
                 name: Install PHP dependencies
-                run: composer install --no-interaction
+                run: composer install --no-interaction --no-scripts
 
             -
                 name: Get Yarn cache directory
@@ -107,6 +135,7 @@ jobs:
                     key: ${{ runner.os }}-node-${{ matrix.node }}-yarn-${{ hashFiles('**/package.json **/yarn.lock') }}
                     restore-keys: |
                         ${{ runner.os }}-node-${{ matrix.node }}-yarn-
+
             -
                 name: Install JS dependencies
                 run: (cd tests/Application && yarn install)
@@ -116,11 +145,13 @@ jobs:
                 run: |
                     (cd tests/Application && bin/console doctrine:database:create -vvv)
                     (cd tests/Application && bin/console doctrine:schema:create -vvv)
+
             -
                 name: Prepare test application assets
                 run: |
                     (cd tests/Application && bin/console assets:install public -vvv)
                     (cd tests/Application && yarn build)
+
             -
                 name: Prepare test application cache
                 run: (cd tests/Application && bin/console cache:warmup -vvv)
@@ -141,10 +172,6 @@ jobs:
                 name: Run PHPSpec
                 run: vendor/bin/phpspec run --ansi -f progress --no-interaction
 
-            -
-                name: Run PHPUnit
-                run: vendor/bin/phpunit --colors=always
-
             -
                 name: Run Behat
                 run: vendor/bin/behat --colors --strict -vvv --no-interaction || vendor/bin/behat --colors --strict -vvv --no-interaction --rerun
diff --git a/composer.json b/composer.json
index 0926f05..1870347 100644
--- a/composer.json
+++ b/composer.json
@@ -5,24 +5,25 @@
     "description": "Blacklist plugin for Sylius.",
     "license": "MIT",
     "require": {
-        "php": "^7.3",
-        "sylius/sylius": "~1.8.0 || ~1.9.0"
+        "php": "^7.3 || ^7.4 || ^8.0",
+        "sylius/sylius": "~1.8.0 || ~1.9.0 || ~1.10.0"
     },
     "require-dev": {
-        "behat/behat": "^3.6.1",
+        "behat/behat": "^3.7",
+        "behat/mink": "^1.8",
         "behat/mink-selenium2-driver": "^1.4",
         "dmore/behat-chrome-extension": "^1.3",
         "dmore/chrome-mink-driver": "^2.7",
         "friends-of-behat/mink": "^1.8",
         "friends-of-behat/mink-browserkit-driver": "^1.4",
+        "friends-of-behat/mink-debug-extension": "^2.0",
         "friends-of-behat/mink-extension": "^2.4",
         "friends-of-behat/page-object-extension": "^0.3",
         "friends-of-behat/suite-settings-extension": "^1.0",
         "friends-of-behat/symfony-extension": "^2.1",
         "friends-of-behat/variadic-extension": "^1.3",
+        "lchrusciel/api-test-case": "^4.1||^5.0",
         "friendsofsymfony/oauth-server-bundle": "^1.6 || >2.0.0-alpha.0 ^2.0@dev",
-        "lakion/mink-debug-extension": "^2.0.0",
-        "lchrusciel/api-test-case": "^5.1",
         "phpspec/phpspec": "^7.0",
         "phpstan/extension-installer": "^1.0",
         "phpstan/phpstan": "0.12.82",
@@ -31,16 +32,13 @@
         "phpstan/phpstan-webmozart-assert": "0.12.12",
         "phpunit/phpunit": "^9.5",
         "sensiolabs/security-checker": "^6.0",
-        "sylius-labs/coding-standard": "^3.1",
+        "sylius-labs/coding-standard": "^4.0",
         "symfony/browser-kit": "^4.4 || ^5.2",
         "symfony/debug-bundle": "^4.4 || ^5.2",
         "symfony/dotenv": "^4.4 || ^5.2",
         "symfony/intl": "^4.4 || ^5.2",
         "symfony/web-profiler-bundle": "^4.4 || ^5.2",
-        "vimeo/psalm": "4.6.4"
-    },
-    "conflict":  {
-        "api-platform/core": ">=2.6.0"
+        "vimeo/psalm": "4.7.1"
     },
     "autoload": {
         "psr-4": {
diff --git a/ecs.php b/ecs.php
new file mode 100644
index 0000000..bf40cc9
--- /dev/null
+++ b/ecs.php
@@ -0,0 +1,14 @@
+<?php
+
+use PhpCsFixer\Fixer\ClassNotation\VisibilityRequiredFixer;
+use SlevomatCodingStandard\Sniffs\Commenting\InlineDocCommentDeclarationSniff;
+use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
+use Symplify\EasyCodingStandard\ValueObject\Option;
+
+return static function (ContainerConfigurator $containerConfigurator): void {
+    $containerConfigurator->import('vendor/sylius-labs/coding-standard/ecs.php');
+
+    $containerConfigurator->parameters()->set(Option::SKIP, [
+        VisibilityRequiredFixer::class => ['*Spec.php'],
+    ]);
+};
diff --git a/tests/Application/.env b/tests/Application/.env
index 4b49a96..5c3b305 100644
--- a/tests/Application/.env
+++ b/tests/Application/.env
@@ -12,7 +12,7 @@ APP_SECRET=EDITME
 # Format described at http://docs.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
 # For a sqlite database, use: "sqlite:///%kernel.project_dir%/var/data.db"
 # Set "serverVersion" to your server version to avoid edge-case exceptions and extra database calls
-DATABASE_URL=mysql://root@127.0.0.1/sylius_%kernel.environment%?serverVersion=5.5
+DATABASE_URL=mysql://root@127.0.0.1/bitbag_sylius_blacklist_plugin_%kernel.environment%
 ###< doctrine/doctrine-bundle ###
 
 ###> lexik/jwt-authentication-bundle ###
diff --git a/tests/Application/config/bundles.php b/tests/Application/config/bundles.php
index 50c0948..dbd0514 100644
--- a/tests/Application/config/bundles.php
+++ b/tests/Application/config/bundles.php
@@ -45,8 +45,6 @@
     Sylius\Bundle\ThemeBundle\SyliusThemeBundle::class => ['all' => true],
     Sylius\Bundle\AdminBundle\SyliusAdminBundle::class => ['all' => true],
     Sylius\Bundle\ShopBundle\SyliusShopBundle::class => ['all' => true],
-    FOS\OAuthServerBundle\FOSOAuthServerBundle::class => ['all' => true],
-    Sylius\Bundle\AdminApiBundle\SyliusAdminApiBundle::class => ['all' => true],
     BitBag\SyliusBlacklistPlugin\BitBagSyliusBlacklistPlugin::class => ['all' => true],
     Symfony\Bundle\DebugBundle\DebugBundle::class => ['dev' => true, 'test' => true, 'test_cached' => true],
     Symfony\Bundle\WebProfilerBundle\WebProfilerBundle::class => ['dev' => true, 'test' => true, 'test_cached' => true],
@@ -56,7 +54,6 @@
     Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
     Sylius\Bundle\ApiBundle\SyliusApiBundle::class => ['all' => true],
     SyliusLabs\DoctrineMigrationsExtraBundle\SyliusLabsDoctrineMigrationsExtraBundle::class => ['all' => true],
-    Symplify\ConsoleColorDiff\ConsoleColorDiffBundle::class => ['dev' => true, 'test' => true],
     Nelmio\Alice\Bridge\Symfony\NelmioAliceBundle::class => ['dev' => true, 'test' => true, 'test_cached' => true],
     Fidry\AliceDataFixtures\Bridge\Symfony\FidryAliceDataFixturesBundle::class => ['dev' => true, 'test' => true, 'test_cached' => true],
 ];
diff --git a/tests/Application/config/packages/_sylius.yaml b/tests/Application/config/packages/_sylius.yaml
index f9a5000..be721c0 100644
--- a/tests/Application/config/packages/_sylius.yaml
+++ b/tests/Application/config/packages/_sylius.yaml
@@ -2,7 +2,6 @@ imports:
     - { resource: "@SyliusCoreBundle/Resources/config/app/config.yml" }
 
     - { resource: "@SyliusAdminBundle/Resources/config/app/config.yml" }
-    - { resource: "@SyliusAdminApiBundle/Resources/config/app/config.yml" }
 
     - { resource: "@SyliusShopBundle/Resources/config/app/config.yml" }
 
@@ -36,4 +35,4 @@ sylius_grid:
                         choices:
                             bitbag_sylius_blacklist_plugin.ui.neutral: Neutral
                             bitbag_sylius_blacklist_plugin.ui.blacklisted: Blacklisted
-                            bitbag_sylius_blacklist_plugin.ui.whitelisted: Whitelisted
\ No newline at end of file
+                            bitbag_sylius_blacklist_plugin.ui.whitelisted: Whitelisted
diff --git a/tests/Application/config/routes/dev/twig.yaml b/tests/Application/config/routes/dev/twig.yaml
deleted file mode 100644
index f4ee839..0000000
--- a/tests/Application/config/routes/dev/twig.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-_errors:
-    resource: '@TwigBundle/Resources/config/routing/errors.xml'
-    prefix: /_error
diff --git a/tests/Application/config/sylius/1.10/bundles.php b/tests/Application/config/sylius/1.10/bundles.php
new file mode 100644
index 0000000..bd33f4a
--- /dev/null
+++ b/tests/Application/config/sylius/1.10/bundles.php
@@ -0,0 +1,6 @@
+<?php
+
+return [
+    BabDev\PagerfantaBundle\BabDevPagerfantaBundle::class => ['all' => true],
+    SyliusLabs\Polyfill\Symfony\Security\Bundle\SyliusLabsPolyfillSymfonySecurityBundle::class => ['all' => true],
+];
diff --git a/tests/Application/config/sylius/1.10/packages/dev/jms_serializer.yaml b/tests/Application/config/sylius/1.10/packages/dev/jms_serializer.yaml
new file mode 100644
index 0000000..2f32a9b
--- /dev/null
+++ b/tests/Application/config/sylius/1.10/packages/dev/jms_serializer.yaml
@@ -0,0 +1,12 @@
+jms_serializer:
+    visitors:
+        json_serialization:
+            options:
+                - JSON_PRETTY_PRINT
+                - JSON_UNESCAPED_SLASHES
+                - JSON_PRESERVE_ZERO_FRACTION
+        json_deserialization:
+            options:
+                - JSON_PRETTY_PRINT
+                - JSON_UNESCAPED_SLASHES
+                - JSON_PRESERVE_ZERO_FRACTION
diff --git a/tests/Application/config/sylius/1.10/packages/jms_serializer.yaml b/tests/Application/config/sylius/1.10/packages/jms_serializer.yaml
new file mode 100644
index 0000000..ed7bc61
--- /dev/null
+++ b/tests/Application/config/sylius/1.10/packages/jms_serializer.yaml
@@ -0,0 +1,4 @@
+jms_serializer:
+    visitors:
+        xml_serialization:
+            format_output: '%kernel.debug%'
diff --git a/tests/Application/config/sylius/1.10/packages/prod/jms_serializer.yaml b/tests/Application/config/sylius/1.10/packages/prod/jms_serializer.yaml
new file mode 100644
index 0000000..c288182
--- /dev/null
+++ b/tests/Application/config/sylius/1.10/packages/prod/jms_serializer.yaml
@@ -0,0 +1,10 @@
+jms_serializer:
+    visitors:
+        json_serialization:
+            options:
+                - JSON_UNESCAPED_SLASHES
+                - JSON_PRESERVE_ZERO_FRACTION
+        json_deserialization:
+            options:
+                - JSON_UNESCAPED_SLASHES
+                - JSON_PRESERVE_ZERO_FRACTION
diff --git a/tests/Application/config/sylius/1.10/packages/security.yaml b/tests/Application/config/sylius/1.10/packages/security.yaml
new file mode 100644
index 0000000..ef43c09
--- /dev/null
+++ b/tests/Application/config/sylius/1.10/packages/security.yaml
@@ -0,0 +1,138 @@
+parameters:
+    sylius.security.admin_regex: "^/admin"
+    sylius.security.shop_regex: "^/(?!admin|new-api|api/.*|api$|media/.*)[^/]++"
+    sylius.security.new_api_route: "/new-api"
+    sylius.security.new_api_regex: "^%sylius.security.new_api_route%"
+
+security:
+    always_authenticate_before_granting: true
+    providers:
+        sylius_admin_user_provider:
+            id: sylius.admin_user_provider.email_or_name_based
+        sylius_api_admin_user_provider:
+            id: sylius.admin_user_provider.email_or_name_based
+        sylius_shop_user_provider:
+            id: sylius.shop_user_provider.email_or_name_based
+        sylius_api_shop_user_provider:
+            id: sylius.shop_user_provider.email_or_name_based
+        sylius_api_chain_provider:
+            chain:
+                providers: [sylius_api_shop_user_provider, sylius_api_admin_user_provider]
+
+    encoders:
+        Sylius\Component\User\Model\UserInterface: argon2i
+    firewalls:
+        admin:
+            switch_user: true
+            context: admin
+            pattern: "%sylius.security.admin_regex%"
+            provider: sylius_admin_user_provider
+            form_login:
+                provider: sylius_admin_user_provider
+                login_path: sylius_admin_login
+                check_path: sylius_admin_login_check
+                failure_path: sylius_admin_login
+                default_target_path: sylius_admin_dashboard
+                use_forward: false
+                use_referer: true
+                csrf_token_generator: security.csrf.token_manager
+                csrf_parameter: _csrf_admin_security_token
+                csrf_token_id: admin_authenticate
+            remember_me:
+                secret: "%env(APP_SECRET)%"
+                path: /admin
+                name: APP_ADMIN_REMEMBER_ME
+                lifetime: 31536000
+                remember_me_parameter: _remember_me
+            logout:
+                path: sylius_admin_logout
+                target: sylius_admin_login
+            anonymous: true
+
+        new_api_admin_user:
+            pattern: "%sylius.security.new_api_route%/admin-user-authentication-token"
+            provider: sylius_admin_user_provider
+            stateless: true
+            anonymous: true
+            json_login:
+                check_path: "%sylius.security.new_api_route%/admin-user-authentication-token"
+                username_path: email
+                password_path: password
+                success_handler: lexik_jwt_authentication.handler.authentication_success
+                failure_handler: lexik_jwt_authentication.handler.authentication_failure
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        new_api_shop_user:
+            pattern: "%sylius.security.new_api_route%/shop-user-authentication-token"
+            provider: sylius_shop_user_provider
+            stateless: true
+            anonymous: true
+            json_login:
+                check_path: "%sylius.security.new_api_route%/shop-user-authentication-token"
+                username_path: email
+                password_path: password
+                success_handler: lexik_jwt_authentication.handler.authentication_success
+                failure_handler: lexik_jwt_authentication.handler.authentication_failure
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        new_api:
+            pattern: "%sylius.security.new_api_regex%/*"
+            provider: sylius_api_chain_provider
+            stateless: true
+            anonymous: lazy
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        shop:
+            switch_user: { role: ROLE_ALLOWED_TO_SWITCH }
+            context: shop
+            pattern: "%sylius.security.shop_regex%"
+            provider: sylius_shop_user_provider
+            form_login:
+                success_handler: sylius.authentication.success_handler
+                failure_handler: sylius.authentication.failure_handler
+                provider: sylius_shop_user_provider
+                login_path: sylius_shop_login
+                check_path: sylius_shop_login_check
+                failure_path: sylius_shop_login
+                default_target_path: sylius_shop_homepage
+                use_forward: false
+                use_referer: true
+                csrf_token_generator: security.csrf.token_manager
+                csrf_parameter: _csrf_shop_security_token
+                csrf_token_id: shop_authenticate
+            remember_me:
+                secret: "%env(APP_SECRET)%"
+                name: APP_SHOP_REMEMBER_ME
+                lifetime: 31536000
+                remember_me_parameter: _remember_me
+            logout:
+                path: sylius_shop_logout
+                target: sylius_shop_login
+                invalidate_session: false
+                success_handler: sylius.handler.shop_user_logout
+            anonymous: true
+
+        dev:
+            pattern:  ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
+    access_control:
+        - { path: "%sylius.security.admin_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
+        - { path: "%sylius.security.admin_regex%/_partial", role: ROLE_NO_ACCESS }
+        - { path: "%sylius.security.shop_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
+        - { path: "%sylius.security.shop_regex%/_partial", role: ROLE_NO_ACCESS }
+
+        - { path: "%sylius.security.admin_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "%sylius.security.shop_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
+
+        - { path: "%sylius.security.shop_regex%/register", role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "%sylius.security.shop_regex%/verify", role: IS_AUTHENTICATED_ANONYMOUSLY }
+
+        - { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS }
+        - { path: "%sylius.security.shop_regex%/account", role: ROLE_USER }
diff --git a/tests/Application/config/sylius/1.8/bundles.php b/tests/Application/config/sylius/1.8/bundles.php
index 74ee2bc..c3c8ea4 100644
--- a/tests/Application/config/sylius/1.8/bundles.php
+++ b/tests/Application/config/sylius/1.8/bundles.php
@@ -3,4 +3,6 @@
 return [
     Doctrine\Bundle\DoctrineCacheBundle\DoctrineCacheBundle::class => ['all' => true],
     WhiteOctober\PagerfantaBundle\WhiteOctoberPagerfantaBundle::class => ['all' => true],
+    FOS\OAuthServerBundle\FOSOAuthServerBundle::class => ['all' => true],
+    Sylius\Bundle\AdminApiBundle\SyliusAdminApiBundle::class => ['all' => true],
 ];
diff --git a/tests/Application/config/sylius/1.8/packages/_sylius.yaml b/tests/Application/config/sylius/1.8/packages/_sylius.yaml
new file mode 100644
index 0000000..1674a97
--- /dev/null
+++ b/tests/Application/config/sylius/1.8/packages/_sylius.yaml
@@ -0,0 +1,2 @@
+imports:
+    - { resource: "@SyliusAdminApiBundle/Resources/config/app/config.yml" }
diff --git a/tests/Application/config/packages/security.yaml b/tests/Application/config/sylius/1.8/packages/security.yaml
similarity index 100%
rename from tests/Application/config/packages/security.yaml
rename to tests/Application/config/sylius/1.8/packages/security.yaml
diff --git a/tests/Application/config/routes/sylius_admin_api.yaml b/tests/Application/config/sylius/1.8/routes/sylius_admin_api.yaml
similarity index 100%
rename from tests/Application/config/routes/sylius_admin_api.yaml
rename to tests/Application/config/sylius/1.8/routes/sylius_admin_api.yaml
diff --git a/tests/Application/config/sylius/1.9/bundles.php b/tests/Application/config/sylius/1.9/bundles.php
index bd33f4a..66f523d 100644
--- a/tests/Application/config/sylius/1.9/bundles.php
+++ b/tests/Application/config/sylius/1.9/bundles.php
@@ -3,4 +3,6 @@
 return [
     BabDev\PagerfantaBundle\BabDevPagerfantaBundle::class => ['all' => true],
     SyliusLabs\Polyfill\Symfony\Security\Bundle\SyliusLabsPolyfillSymfonySecurityBundle::class => ['all' => true],
+    FOS\OAuthServerBundle\FOSOAuthServerBundle::class => ['all' => true],
+    Sylius\Bundle\AdminApiBundle\SyliusAdminApiBundle::class => ['all' => true],
 ];
diff --git a/tests/Application/config/sylius/1.9/packages/_sylius.yaml b/tests/Application/config/sylius/1.9/packages/_sylius.yaml
new file mode 100644
index 0000000..1674a97
--- /dev/null
+++ b/tests/Application/config/sylius/1.9/packages/_sylius.yaml
@@ -0,0 +1,2 @@
+imports:
+    - { resource: "@SyliusAdminApiBundle/Resources/config/app/config.yml" }
diff --git a/tests/Application/config/sylius/1.9/packages/security.yaml b/tests/Application/config/sylius/1.9/packages/security.yaml
new file mode 100644
index 0000000..8161bda
--- /dev/null
+++ b/tests/Application/config/sylius/1.9/packages/security.yaml
@@ -0,0 +1,159 @@
+parameters:
+    sylius.security.admin_regex: "^/%sylius_admin.path_name%"
+    sylius.security.api_regex: "^/api"
+    sylius.security.shop_regex: "^/(?!%sylius_admin.path_name%|new-api|api/.*|api$|media/.*)[^/]++"
+    sylius.security.new_api_route: "/new-api"
+    sylius.security.new_api_regex: "^%sylius.security.new_api_route%"
+    sylius.security.new_api_admin_route: "%sylius.security.new_api_route%/admin"
+    sylius.security.new_api_admin_regex: "^%sylius.security.new_api_admin_route%"
+    sylius.security.new_api_shop_route: "%sylius.security.new_api_route%/shop"
+    sylius.security.new_api_shop_regex: "^%sylius.security.new_api_shop_route%"
+
+security:
+    always_authenticate_before_granting: true
+    providers:
+        sylius_admin_user_provider:
+            id: sylius.admin_user_provider.email_or_name_based
+        sylius_api_admin_user_provider:
+            id: sylius.admin_user_provider.email_or_name_based
+        sylius_shop_user_provider:
+            id: sylius.shop_user_provider.email_or_name_based
+        sylius_api_shop_user_provider:
+            id: sylius.shop_user_provider.email_or_name_based
+        sylius_api_chain_provider:
+            chain:
+                providers: [sylius_api_shop_user_provider, sylius_api_admin_user_provider]
+
+    encoders:
+        Sylius\Component\User\Model\UserInterface: argon2i
+    firewalls:
+        admin:
+            switch_user: true
+            context: admin
+            pattern: "%sylius.security.admin_regex%"
+            provider: sylius_admin_user_provider
+            form_login:
+                provider: sylius_admin_user_provider
+                login_path: sylius_admin_login
+                check_path: sylius_admin_login_check
+                failure_path: sylius_admin_login
+                default_target_path: sylius_admin_dashboard
+                use_forward: false
+                use_referer: true
+                csrf_token_generator: security.csrf.token_manager
+                csrf_parameter: _csrf_admin_security_token
+                csrf_token_id: admin_authenticate
+            remember_me:
+                secret: "%env(APP_SECRET)%"
+                path: "/%sylius_admin.path_name%"
+                name: APP_ADMIN_REMEMBER_ME
+                lifetime: 31536000
+                remember_me_parameter: _remember_me
+            logout:
+                path: sylius_admin_logout
+                target: sylius_admin_login
+            anonymous: true
+
+        oauth_token:
+            pattern: "%sylius.security.api_regex%/oauth/v2/token"
+            security: false
+
+        new_api_admin_user:
+            pattern: "%sylius.security.new_api_route%/admin-user-authentication-token"
+            provider: sylius_admin_user_provider
+            stateless: true
+            anonymous: true
+            json_login:
+                check_path: "%sylius.security.new_api_route%/admin-user-authentication-token"
+                username_path: email
+                password_path: password
+                success_handler: lexik_jwt_authentication.handler.authentication_success
+                failure_handler: lexik_jwt_authentication.handler.authentication_failure
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        new_api_shop_user:
+            pattern: "%sylius.security.new_api_route%/shop-user-authentication-token"
+            provider: sylius_shop_user_provider
+            stateless: true
+            anonymous: true
+            json_login:
+                check_path: "%sylius.security.new_api_route%/shop-user-authentication-token"
+                username_path: email
+                password_path: password
+                success_handler: lexik_jwt_authentication.handler.authentication_success
+                failure_handler: lexik_jwt_authentication.handler.authentication_failure
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        new_api:
+            pattern: "%sylius.security.new_api_regex%/*"
+            provider: sylius_api_chain_provider
+            stateless: true
+            anonymous: lazy
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
+        api:
+            pattern: "%sylius.security.api_regex%/.*"
+            provider: sylius_admin_user_provider
+            fos_oauth: true
+            stateless: true
+            anonymous: true
+
+        shop:
+            switch_user: { role: ROLE_ALLOWED_TO_SWITCH }
+            context: shop
+            pattern: "%sylius.security.shop_regex%"
+            provider: sylius_shop_user_provider
+            form_login:
+                success_handler: sylius.authentication.success_handler
+                failure_handler: sylius.authentication.failure_handler
+                provider: sylius_shop_user_provider
+                login_path: sylius_shop_login
+                check_path: sylius_shop_login_check
+                failure_path: sylius_shop_login
+                default_target_path: sylius_shop_homepage
+                use_forward: false
+                use_referer: true
+                csrf_token_generator: security.csrf.token_manager
+                csrf_parameter: _csrf_shop_security_token
+                csrf_token_id: shop_authenticate
+            remember_me:
+                secret: "%env(APP_SECRET)%"
+                name: APP_SHOP_REMEMBER_ME
+                lifetime: 31536000
+                remember_me_parameter: _remember_me
+            logout:
+                path: sylius_shop_logout
+                target: sylius_shop_login
+                invalidate_session: false
+                success_handler: sylius.handler.shop_user_logout
+            anonymous: true
+
+        dev:
+            pattern:  ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
+    access_control:
+        - { path: "%sylius.security.admin_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
+        - { path: "%sylius.security.admin_regex%/_partial", role: ROLE_NO_ACCESS }
+        - { path: "%sylius.security.shop_regex%/_partial", role: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
+        - { path: "%sylius.security.shop_regex%/_partial", role: ROLE_NO_ACCESS }
+
+        - { path: "%sylius.security.admin_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "%sylius.security.api_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "%sylius.security.shop_regex%/login", role: IS_AUTHENTICATED_ANONYMOUSLY }
+
+        - { path: "%sylius.security.shop_regex%/register", role: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "%sylius.security.shop_regex%/verify", role: IS_AUTHENTICATED_ANONYMOUSLY }
+
+        - { path: "%sylius.security.admin_regex%", role: ROLE_ADMINISTRATION_ACCESS }
+        - { path: "%sylius.security.api_regex%/.*", role: ROLE_API_ACCESS }
+        - { path: "%sylius.security.shop_regex%/account", role: ROLE_USER }
+
+        - { path: "%sylius.security.new_api_admin_regex%/.*", role: ROLE_API_ACCESS }
+        - { path: "%sylius.security.new_api_shop_regex%/.*", role: IS_AUTHENTICATED_ANONYMOUSLY }
diff --git a/tests/Application/config/sylius/1.9/routes/sylius_admin_api.yaml b/tests/Application/config/sylius/1.9/routes/sylius_admin_api.yaml
new file mode 100644
index 0000000..80aed45
--- /dev/null
+++ b/tests/Application/config/sylius/1.9/routes/sylius_admin_api.yaml
@@ -0,0 +1,3 @@
+sylius_admin_api:
+    resource: "@SyliusAdminApiBundle/Resources/config/routing.yml"
+    prefix: /api