diff --git a/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
index c5c87056df..e425000cd6 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
@@ -31,20 +31,20 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy
                 context.Succeed(requirement);
             }
 
-            // Succeed if user is admin or api key
-            else if (context.User.GetIsApiKey() || context.User.IsInRole(UserRoles.Administrator))
+            // Succeed if user is admin
+            else if (context.User.IsInRole(UserRoles.Administrator))
             {
                 context.Succeed(requirement);
             }
 
             // Fail if admin is required and user is not admin
-            else if (requirement.RequireAdmin && !context.User.IsInRole(UserRoles.Administrator))
+            else if (requirement.RequireAdmin)
             {
                 context.Fail();
             }
 
             // Succeed if admin is not required and user is not guest
-            else if (!requirement.RequireAdmin && context.User.IsInRole(UserRoles.User))
+            else if (context.User.IsInRole(UserRoles.User))
             {
                 context.Succeed(requirement);
             }
diff --git a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs
index 35a24a1291..31d2b486b3 100644
--- a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs
+++ b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs
@@ -106,16 +106,6 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupPolicy
             Assert.Equal(shouldSucceed, allowed.Succeeded);
         }
 
-        [Fact]
-        public async Task ShouldAllowAdminApiKeyIfStartupWizardComplete()
-        {
-            TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
-            var claims = new ClaimsPrincipal(new ClaimsIdentity([new Claim(InternalClaimTypes.IsApiKey, bool.TrueString)]));
-
-            var allowed = await _authorizationService.AuthorizeAsync(claims, "FirstTime");
-            Assert.True(allowed.Succeeded);
-        }
-
         [Fact]
         public async Task ShouldDisallowUserIfOutsideSchedule()
         {