...
Verify the validity of access token
Return 401 in case validation fails
Verify token is not expired
in case error return 401
Check user scopes in order to perform this action (scope = 'allergy_intoleranceepisode:read')
Return 403 in case invalid scope(s)
...