diff --git a/src/routes/test/eventlog-test.js b/src/routes/test/eventlog-test.js
index 29012aa1b..c4dec18c4 100644
--- a/src/routes/test/eventlog-test.js
+++ b/src/routes/test/eventlog-test.js
@@ -6,8 +6,7 @@
 
 'use strict';
 
-var accesscontrol = require('../../accesscontrol.js'),
-    async = require('async'),
+var async = require('async'),
     constants = require('../../constants.js'),
     database = require('../../database.js'),
     eventlogdb = require('../../eventlogdb.js'),
@@ -73,7 +72,7 @@ function setup(done) {
             token_1 = hat(8 * 32);
 
             // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
-            tokendb.add({ id: 'tid-0', accessToken: token_1, identifier: USER_1_ID, clientId: 'test-client-id', expires: Date.now() + 100000, scope: accesscontrol.SCOPE_PROFILE, name: '' }, callback);
+            tokendb.add({ id: 'tid-0', accessToken: token_1, identifier: USER_1_ID, clientId: 'test-client-id', expires: Date.now() + 100000, scope: 'unused', name: '' }, callback);
         },
 
         function (callback) {
diff --git a/src/routes/test/groups-test.js b/src/routes/test/groups-test.js
index 4488c2829..246cf3c26 100644
--- a/src/routes/test/groups-test.js
+++ b/src/routes/test/groups-test.js
@@ -6,8 +6,7 @@
 
 'use strict';
 
-var accesscontrol = require('../../accesscontrol.js'),
-    async = require('async'),
+var async = require('async'),
     constants = require('../../constants.js'),
     database = require('../../database.js'),
     expect = require('expect.js'),
@@ -67,7 +66,7 @@ function setup(done) {
                     userId_1 = result.body.id;
 
                     // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
-                    tokendb.add({ id: 'tid-1', accessToken: token_1, identifier: userId_1, clientId: 'test-client-id', expires: Date.now() + 100000, scope: accesscontrol.SCOPE_PROFILE, name: '' }, callback);
+                    tokendb.add({ id: 'tid-1', accessToken: token_1, identifier: userId_1, clientId: 'test-client-id', expires: Date.now() + 100000, scope: 'unused', name: '' }, callback);
                 });
         }
     ], done);
diff --git a/src/routes/test/profile-test.js b/src/routes/test/profile-test.js
index 6b0cdfcdf..d11c88c6b 100644
--- a/src/routes/test/profile-test.js
+++ b/src/routes/test/profile-test.js
@@ -6,8 +6,7 @@
 
 'use strict';
 
-var accesscontrol = require('../../accesscontrol.js'),
-    constants = require('../../constants.js'),
+var constants = require('../../constants.js'),
     database = require('../../database.js'),
     expect = require('expect.js'),
     hat = require('../../hat.js'),
@@ -110,7 +109,7 @@ describe('Profile API', function () {
             var token = hat(8 * 32);
             var expires = Date.now() - 2000; // 1 sec
 
-            tokendb.add({ id: 'tid-3', accessToken: token, identifier: user_0.id, clientId: null, expires: expires, scope: accesscontrol.SCOPE_PROFILE, name: 'fromtest' }, function (error) {
+            tokendb.add({ id: 'tid-3', accessToken: token, identifier: user_0.id, clientId: null, expires: expires, scope: 'unused', name: 'fromtest' }, function (error) {
                 expect(error).to.not.be.ok();
 
                 superagent.get(SERVER_URL + '/api/v1/profile').query({ access_token: token }).end(function (error, result) {
diff --git a/src/routes/test/users-test.js b/src/routes/test/users-test.js
index 76d4ca302..34998bac3 100644
--- a/src/routes/test/users-test.js
+++ b/src/routes/test/users-test.js
@@ -5,8 +5,7 @@
 
 'use strict';
 
-var accesscontrol = require('../../accesscontrol.js'),
-    async = require('async'),
+var async = require('async'),
     constants = require('../../constants.js'),
     database = require('../../database.js'),
     domains = require('../../domains.js'),
@@ -181,7 +180,7 @@ describe('Users API', function () {
             identifier: user_0.id,
             clientId: null,
             expires: expires,
-            scope: accesscontrol.SCOPE_PROFILE,
+            scope: 'unused',
             name: 'tokenname'
         };
 
@@ -296,7 +295,7 @@ describe('Users API', function () {
                 user_1 = result.body;
 
                 // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
-                tokendb.add({ id: 'tid-3', accessToken: token_1, identifier: user_1.id, clientId: 'test-client-id', expires: Date.now() + 10000, scope: accesscontrol.SCOPE_PROFILE, name: 'fromtest' }, done);
+                tokendb.add({ id: 'tid-3', accessToken: token_1, identifier: user_1.id, clientId: 'test-client-id', expires: Date.now() + 10000, scope: 'unused', name: 'fromtest' }, done);
             });
     });
 
@@ -676,7 +675,7 @@ describe('Users API', function () {
                 userToken = hat(8 * 32);
                 var expires = Date.now() + 2000; // 1 sec
 
-                tokendb.add({ id: 'tid-2', accessToken: userToken, identifier: user_4.id, clientId: null, expires: expires, scope: accesscontrol.SCOPE_PROFILE, name: '' }, done);
+                tokendb.add({ id: 'tid-2', accessToken: userToken, identifier: user_4.id, clientId: null, expires: expires, scope: 'unused', name: '' }, done);
             });
     });