diff --git a/spec/requests/api/v1/passwords/edit_spec.rb b/spec/requests/api/v1/passwords/edit_spec.rb
index ad3ab3d44..0bc4c8874 100644
--- a/spec/requests/api/v1/passwords/edit_spec.rb
+++ b/spec/requests/api/v1/passwords/edit_spec.rb
@@ -4,24 +4,15 @@
   subject { get edit_user_password_path, params: }
 
   let(:user) { create(:user, password: 'mypass123') }
-  # We have to fix the raw token so this doesn't change in the docs
-  let(:raw) { '96BuszWmzDxRqXYzc_Mf' }
-  let(:key) { Devise.token_generator.send(:key_for, 'reset_password_token') }
-  let(:enc) { OpenSSL::HMAC.hexdigest('SHA256', key, raw) }
+  let(:password_token) { user.send(:set_reset_password_token) }
   let(:params) do
     {
-      reset_password_token: raw,
+      reset_password_token: password_token,
       redirect_url: ENV.fetch('PASSWORD_RESET_URL', nil)
     }
   end
 
-  before do
-    # This is what Devise does behind the scenes in #set_reset_password_token
-    user.reset_password_token = enc
-    user.reset_password_sent_at = Time.current
-    user.save!(validate: false)
-    subject
-  end
+  before { subject }
 
   it 'returns a the access token, uid and client id' do
     expect(response.header['Location']).to include('token')