diff --git a/core/server/services/auth/authenticate.js b/core/server/services/auth/authenticate.js
index 12aeaa04e4..76858b5367 100644
--- a/core/server/services/auth/authenticate.js
+++ b/core/server/services/auth/authenticate.js
@@ -102,9 +102,7 @@ const authenticate = {
 )(req, res, next);
 },
- // @NOTE: authentication for admin api keys is disabled
- // authenticateAdminApi: [apiKeyAuth.admin.authenticate, session.authenticate],
- authenticateAdminApi: [session.authenticate],
+ authenticateAdminApi: [apiKeyAuth.admin.authenticate, session.authenticate],
 authenticateContentApi: [apiKeyAuth.content.authenticateContentApiKey, members.authenticateMembersToken]
 };
diff --git a/core/test/acceptance/old/admin/key_authentication_spec.js b/core/test/acceptance/old/admin/key_authentication_spec.js
index 949458384b..5097e70a49 100644
--- a/core/test/acceptance/old/admin/key_authentication_spec.js
+++ b/core/test/acceptance/old/admin/key_authentication_spec.js
@@ -7,7 +7,6 @@ const config = require('../../../../server/config');
 const ghost = testUtils.startGhost;
-// TODO: remove this suite once Admin API key auth is enabled
 describe('Admin API V2 key authentication', function () {
 let request;
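Review bot: The new `authenticateAdminApi: [apiKeyAuth.admin.authenticate, session.authenticate]` line in authenticate.js leaves the fall-through contract between the two middlewares undocumented: nothing visible here says whether a request carrying a malformed or invalid `Authorization: Ghost …` token is rejected by the key middleware or handed on to session auth. Since this array is the gate for the Admin API, I would replace the removed note with a comment above it such as `// API key is checked first; it must fail closed on a bad token and only pass through untouched when no Authorization header is present, so session auth is a fallback and not a bypass`. Assuming that is the intended behaviour, a case in key_authentication_spec.js that sends an invalid token together with a valid session cookie and expects rejection would pin it. The `authenticate` object starts before this hunk and the middleware implementations are not visible from here.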
@@ -21,29 +20,6 @@ describe('Admin API V2 key authentication', function () {
 });
 });
- it('browse with correct GET endpoint token', function () {
- return request.get(localUtils.API.getApiQuery('posts/'))
- .set('Authorization', `Ghost ${localUtils.getValidAdminToken(localUtils.API.getApiQuery('posts/'))}`)
- .expect('Content-Type', /json/)
- .expect('Cache-Control', testUtils.cacheRules.private)
- .expect(403);
- });
-});
-
-// TODO: enable this suite once Admin API key auth is enabled
-describe.skip('Admin API V2 key authentication', function () {
- let request;
-
- before(function () {
- return ghost()
- .then(function (_ghostServer) {
- request = supertest.agent(config.get('url'));
- })
- .then(function () {
- return testUtils.initFixtures('api_keys');
- });
- });
-
 it('do not authenticate without token header', function () {
 return request.get(localUtils.API.getApiQuery('posts/'))
 .set('Authorization', `Ghost`)