diff --git a/SAS/TMSS/backend/test/t_permissions_project_roles.py b/SAS/TMSS/backend/test/t_permissions_project_roles.py
index 0c42f025fdbfe5f87da61aad84752754d442c820..0c5db12f20f9ba7b394b995e841f59dcd1aa1bb1 100755
--- a/SAS/TMSS/backend/test/t_permissions_project_roles.py
+++ b/SAS/TMSS/backend/test/t_permissions_project_roles.py
@@ -54,6 +54,10 @@ from django.test import TestCase
 from django.contrib.auth import get_user_model
 User = get_user_model()
 
+from django.conf import settings
+
+import json
+
 class ProjectPermissionTestCase(TestCase):
     # This tests that the project permissions are enforced in light of the project roles that are externally provided
     # for the user through the user admin. This test does not rely on the project permissions as defined in the system,
@@ -235,29 +239,35 @@ class ProjectPermissionTestCase(TestCase):
             self.assertEqual(r.status_code, 403)
             self.assertNotIn('Access-Control-Allow-Methods', r.headers)
 
-    # todo: add tests for other models with project permissions
-
     def test_project_get_friend_returns_correct_user(self):
         """
         Note: This test relies on real data from Keycloak.
         """
-        r = GET_and_assert_equal_expected_code(self, self.project_keycloak_url + '/friend/', 200)
-        self.assertEqual(len(r), 2)
-        for friend in r:
+        with requests.Session() as session:
+            session.verify = False
+            session.auth = (AUTH.username, AUTH.password)
+            r = session.get(self.project_keycloak_url + '/friend/')
+        if 'Invalid user credentials' in str(r.content) or \
+                'Service Unavailable' in str(r.content):
+            self.skipTest('skipping test_project_get_friend_returns_correct_user because the test environment has'
+                           'no valid admin credentials configured, or Keycloak is not working correctly.')
+        self.assertEqual(r.status_code, 200)
+        content = json.loads(r.content.decode('utf-8'))
+        self.assertEqual(len(content), 2)
+        for friend in content:
             # Todo: find a way to mock the Keycloak response so we can assert more strictly.
             self.assertTrue(friend.endswith('@astron.nl'))  # redacted expected full email due to GDPR
 
     def test_project_get_friend_returns_403_if_no_permission_for_project(self):
 
-        r = GET_and_assert_equal_expected_code(self, self.project_forbidden_url + '/my_roles/', 403, auth=self.auth)
+        r = GET_and_assert_equal_expected_code(self, self.project_forbidden_url + '/friend/', 403, auth=self.auth)
         self.assertIn('permission', str(r))
 
-
     def test_project_get_my_roles_returns_correct_roles(self):
 
-        # r = GET_and_assert_equal_expected_code(self, self.project_shared_support_url + '/my_roles/', 200, auth=self.auth)
-        # expected_reply = ['shared_support']
-        # self.assertEqual(expected_reply, r)
+        r = GET_and_assert_equal_expected_code(self, self.project_shared_support_url + '/my_roles/', 200, auth=self.auth)
+        expected_reply = ['shared_support']
+        self.assertEqual(expected_reply, r)
 
         r = GET_and_assert_equal_expected_code(self, self.project_friend_url + '/my_roles/', 200, auth=self.auth)
         expected_reply = ['friend_of_project']