diff --git a/api.planx.uk/client/index.ts b/api.planx.uk/client/index.ts
index cd4ca69d09..6fb02ff19d 100644
--- a/api.planx.uk/client/index.ts
+++ b/api.planx.uk/client/index.ts
@@ -3,18 +3,6 @@ import { userContext } from "../modules/auth/middleware";
 import { ServerError } from "../errors";
 import { buildJWTForAPIRole } from "../modules/auth/service";
 
-/**
- * @deprecated This client's permissions set are higher than required.
- * Should only be used by trusted service-to-service calls (e.g Hasura -> API).
- * Calls made by users should be directed through $public or the role-scoped getClient().
- *
- * Consider removing this and replacing with an "api" role using "backend-only" operations in Hasura
- */
-export const $admin = new CoreDomainClient({
-  auth: { adminSecret: process.env.HASURA_GRAPHQL_ADMIN_SECRET! },
-  targetURL: process.env.HASURA_GRAPHQL_URL!,
-});
-
 /**
  * Connects to Hasura using the "api" role
  *
@@ -48,12 +36,12 @@ export const getClient = () => {
       message: "Missing user context",
     });
 
-  const client = new CoreDomainClient({
+  const $client = new CoreDomainClient({
     targetURL: process.env.HASURA_GRAPHQL_URL!,
     auth: {
       jwt: store.user.jwt,
     },
   });
 
-  return client;
+  return $client;
 };
diff --git a/api.planx.uk/modules/auth/service.ts b/api.planx.uk/modules/auth/service.ts
index e97492df0f..8488c22e0f 100644
--- a/api.planx.uk/modules/auth/service.ts
+++ b/api.planx.uk/modules/auth/service.ts
@@ -1,10 +1,9 @@
 import { sign } from "jsonwebtoken";
-import { $admin } from "../../client";
+import { $api } from "../../client";
 import { User, Role } from "@opensystemslab/planx-core/types";
 
 export const buildJWT = async (email: string): Promise<string | undefined> => {
-  // TODO: 🐓 🥚
-  const user = await $admin.user.getByEmail(email);
+  const user = await $api.user.getByEmail(email);
   if (!user) return;
 
   const data = {