diff --git a/jupyterhub/tests/mocking.py b/jupyterhub/tests/mocking.py
index 74340562..24b03f2e 100644
--- a/jupyterhub/tests/mocking.py
+++ b/jupyterhub/tests/mocking.py
@@ -78,13 +78,6 @@ def mock_open_session(username, service, encoding):
     pass
 
 
-def mock_role(app, role='admin', name=None):
-    scopes = get_scopes(role)
-    if name is not None:
-        scopes = [scope.format(username=name) for scope in scopes]
-    return mock.patch.dict(app.tornado_settings, {'mock_scopes': scopes})
-
-
 class MockSpawner(SimpleLocalProcessSpawner):
     """Base mock spawner
 
diff --git a/jupyterhub/tests/test_api.py b/jupyterhub/tests/test_api.py
index 89e24a34..dc4a3987 100644
--- a/jupyterhub/tests/test_api.py
+++ b/jupyterhub/tests/test_api.py
@@ -18,7 +18,6 @@ from .. import roles
 from ..objects import Server
 from ..utils import url_path_join as ujoin
 from ..utils import utcnow
-from .mocking import mock_role
 from .mocking import public_host
 from .mocking import public_url
 from .utils import add_user
@@ -181,8 +180,7 @@ async def test_get_users(app):
             {'name': 'user', 'admin': False, 'roles': ['user'], 'last_activity': None}
         ),
     ]
-    with mock_role(app, 'user'):
-        r = await api_request(app, 'users', headers=auth_header(db, 'user'))
+    r = await api_request(app, 'users', headers=auth_header(db, 'user'))
     assert r.status_code == 403
 
 
@@ -284,12 +282,11 @@ async def test_get_self(app):
     assert model['name'] == u.name
 
     # invalid auth gets 403
-    with mock_role(app, 'user'):
-        r = await api_request(
-            app,
-            'user',
-            headers={'Authorization': 'token notvalid'},
-        )
+    r = await api_request(
+        app,
+        'user',
+        headers={'Authorization': 'token notvalid'},
+    )
     assert r.status_code == 403
 
 
@@ -314,12 +311,11 @@ async def test_add_user(app):
 async def test_get_user(app):
     name = 'user'
     _ = await api_request(app, 'users', name, headers=auth_header(app.db, name))
-    with mock_role(app, role=name, name=name):
-        r = await api_request(
-            app,
-            'users',
-            name,
-        )
+    r = await api_request(
+        app,
+        'users',
+        name,
+    )
     assert r.status_code == 200
 
     user = normalize_user(r.json())
@@ -518,15 +514,14 @@ async def test_user_set_auth_state(app, auth_state_enabled):
     assert user.name == name
     user_auth_state = await user.get_auth_state()
     assert user_auth_state is None
-    with mock_role(app, 'user'):
-        r = await api_request(
-            app,
-            'users',
-            name,
-            method='patch',
-            data=json.dumps({'auth_state': auth_state}),
-            headers=auth_header(app.db, name),
-        )
+    r = await api_request(
+        app,
+        'users',
+        name,
+        method='patch',
+        data=json.dumps({'auth_state': auth_state}),
+        headers=auth_header(app.db, name),
+    )
     assert r.status_code == 403
     user_auth_state = await user.get_auth_state()
     assert user_auth_state is None
@@ -1348,16 +1343,15 @@ async def test_token_authenticator_noauth(app):
     """Create a token for a user relying on Authenticator.authenticate and no auth header"""
     name = 'user'
     data = {'auth': {'username': name, 'password': name}}
-    with mock_role(app, 'admin'):
-        r = await api_request(
-            app,
-            'users',
-            name,
-            'tokens',
-            method='post',
-            data=json.dumps(data) if data else None,
-            noauth=True,
-        )
+    r = await api_request(
+        app,
+        'users',
+        name,
+        'tokens',
+        method='post',
+        data=json.dumps(data) if data else None,
+        noauth=True,
+    )
     assert r.status_code == 200
     reply = r.json()
     assert 'token' in reply
@@ -1372,16 +1366,15 @@ async def test_token_authenticator_dict_noauth(app):
     app.authenticator.auth_state = {'who': 'cares'}
     name = 'user'
     data = {'auth': {'username': name, 'password': name}}
-    with mock_role(app, 'user'):
-        r = await api_request(
-            app,
-            'users',
-            name,
-            'tokens',
-            method='post',
-            data=json.dumps(data) if data else None,
-            noauth=True,
-        )
+    r = await api_request(
+        app,
+        'users',
+        name,
+        'tokens',
+        method='post',
+        data=json.dumps(data) if data else None,
+        noauth=True,
+    )
     assert r.status_code == 200
     reply = r.json()
     assert 'token' in reply
@@ -1405,8 +1398,7 @@ async def test_token_list(app, as_user, for_user, status):
     if for_user != 'missing':
         for_user_obj = add_user(app.db, app, name=for_user)
     headers = {'Authorization': 'token %s' % u.new_api_token()}
-    with mock_role(app, role=as_user, name=as_user):
-        r = await api_request(app, 'users', for_user, 'tokens', headers=headers)
+    r = await api_request(app, 'users', for_user, 'tokens', headers=headers)
     assert r.status_code == status
     if status != 200:
         return
@@ -1417,10 +1409,9 @@ async def test_token_list(app, as_user, for_user, status):
     assert all(token['user'] == for_user for token in reply['oauth_tokens'])
     # validate individual token ids
     for token in reply['api_tokens'] + reply['oauth_tokens']:
-        with mock_role(app, role=as_user, name=as_user):
-            r = await api_request(
-                app, 'users', for_user, 'tokens', token['id'], headers=headers
-            )
+        r = await api_request(
+            app, 'users', for_user, 'tokens', token['id'], headers=headers
+        )
         r.raise_for_status()
         reply = r.json()
         assert normalize_token(reply) == normalize_token(token)
@@ -1603,8 +1594,7 @@ async def test_get_services(app, mockservice_url):
             'display': True,
         }
     }
-    with mock_role(app, 'user'):
-        r = await api_request(app, 'services', headers=auth_header(db, 'user'))
+    r = await api_request(app, 'services', headers=auth_header(db, 'user'))
     assert r.status_code == 403
 
 
@@ -1647,16 +1637,14 @@ async def test_root_api(app):
     if app.internal_ssl:
         kwargs['cert'] = (app.internal_ssl_cert, app.internal_ssl_key)
         kwargs["verify"] = app.internal_ssl_ca
-    with mock_role(app):
-        r = await api_request(app, bypass_proxy=True)
+    r = await api_request(app, bypass_proxy=True)
     r.raise_for_status()
     expected = {'version': jupyterhub.__version__}
     assert r.json() == expected
 
 
 async def test_info(app):
-    with mock_role(app):
-        r = await api_request(app, 'info')
+    r = await api_request(app, 'info')
     r.raise_for_status()
     data = r.json()
     assert data['version'] == jupyterhub.__version__
@@ -1686,14 +1674,13 @@ async def test_info(app):
 
 async def test_update_activity_403(app, user, admin_user):
     token = user.new_api_token()
-    with mock_role(app, 'user'):
-        r = await api_request(
-            app,
-            "users/{}/activity".format(admin_user.name),
-            headers={"Authorization": "token {}".format(token)},
-            data="{}",
-            method="post",
-        )
+    r = await api_request(
+        app,
+        "users/{}/activity".format(admin_user.name),
+        headers={"Authorization": "token {}".format(token)},
+        data="{}",
+        method="post",
+    )
     assert r.status_code == 403