diff --git a/.zuul.d/tempest-and-integrated.yaml b/.zuul.d/tempest-and-integrated.yaml
index 52ff83eca0..df2e9b52ab 100644
--- a/.zuul.d/tempest-and-integrated.yaml
+++ b/.zuul.d/tempest-and-integrated.yaml
@@ -24,11 +24,6 @@
       - ^openstack_dashboard/.*/[^/]*\.spec\.js$
       - ^horizon/static/.*/[^/]*\.spec\.js$
     vars:
-      devstack_localrc:
-        # NOTE: workaround for bug 1950659
-        # Some horizon integration test start failing after devstack
-        # stop creating default keystone admin endpoint.
-        KEYSTONE_ADMIN_ENDPOINT: true
       devstack_services:
         horizon: true
       tox_envlist: integration
diff --git a/openstack_dashboard/api/keystone.py b/openstack_dashboard/api/keystone.py
index 9eb7f18431..d248a223d0 100644
--- a/openstack_dashboard/api/keystone.py
+++ b/openstack_dashboard/api/keystone.py
@@ -157,12 +157,9 @@ def keystoneclient(request, admin=False):
             if domain_token:
                 token_id = getattr(domain_token, 'auth_token', None)
 
-    if admin:
-        if not policy.check((("identity", "admin_required"),), request):
-            raise exceptions.NotAuthorized
-        endpoint_type = 'adminURL'
-    else:
-        endpoint_type = settings.OPENSTACK_ENDPOINT_TYPE
+    if admin and not policy.check((("identity", "admin_required"),), request):
+        raise exceptions.NotAuthorized
+    endpoint_type = settings.OPENSTACK_ENDPOINT_TYPE
 
     # Take care of client connection caching/fetching a new client.
     # Admin vs. non-admin clients are cached separately for token matching.
diff --git a/releasenotes/notes/keystone-admin-endpoint-no-longer-required-06a8d29dfdb3b1cd.yaml b/releasenotes/notes/keystone-admin-endpoint-no-longer-required-06a8d29dfdb3b1cd.yaml
new file mode 100644
index 0000000000..d84e6b0125
--- /dev/null
+++ b/releasenotes/notes/keystone-admin-endpoint-no-longer-required-06a8d29dfdb3b1cd.yaml
@@ -0,0 +1,12 @@
+---
+upgrade:
+  - |
+    Horizon no longer requires the keystone admin endpoint. keystone does
+    not distinguish public and admin endpoints and there is no functional
+    difference between public and admin endpoints. There is no need for
+    a separate endpoint for keystone admin operations, but horizon required
+    the keystone admin endpoint is configured previously. This requirement
+    no longer exists. An endpoint specified by ``OPENSTACK_ENDPOINT_TYPE``
+    setting is used for the keystone admin operations. You can drop
+    the admin endpoint for keystone (unless other services require it).
+    [:bug:`1950659`]