diff --git a/doc/source/api_curl_examples.rst b/doc/source/api_curl_examples.rst
index b3d2af8058..a4b3155366 100644
--- a/doc/source/api_curl_examples.rst
+++ b/doc/source/api_curl_examples.rst
@@ -1114,29 +1114,6 @@ Returns:
         }
     }
 
-GET /users/{user_id}/roles
-==========================
-
-Retrieve the roles granted to a user, given a user ID:
-
-.. code-block:: bash
-
-    $ curl -H "X-Auth-Token:999888777666" http://localhost:35357/v2.0/users/4/roles
-
-Returns:
-
-.. code-block:: javascript
-
-    {
-        "roles_links":[],
-        "roles":[
-            {
-                "id":"2",
-                "name":"KeystoneServiceAdmin"
-            }
-        ]
-    }
-
 GET /tokens/revoked
 ===================
 
diff --git a/keystone/assignment/controllers.py b/keystone/assignment/controllers.py
index 3ec33085fc..cf2bfa62e4 100644
--- a/keystone/assignment/controllers.py
+++ b/keystone/assignment/controllers.py
@@ -192,7 +192,7 @@ class Role(controller.V2Controller):
 
     # COMPAT(essex-3)
     @controller.v2_deprecated
-    def get_user_roles(self, context, user_id, tenant_id=None):
+    def get_user_roles(self, context, user_id, tenant_id):
         """Get the roles for a user and tenant pair.
 
         Since we're trying to ignore the idea of user-only roles we're
@@ -200,10 +200,6 @@ class Role(controller.V2Controller):
 
         """
         self.assert_admin(context)
-        if tenant_id is None:
-            raise exception.NotImplemented(message='User roles not supported: '
-                                                   'tenant ID required')
-
         roles = self.assignment_api.get_roles_for_user_and_project(
             user_id, tenant_id)
         return {'roles': [self.role_api.get_role(x)
diff --git a/keystone/tests/test_content_types.py b/keystone/tests/test_content_types.py
index c92353098c..5dd74df4b2 100644
--- a/keystone/tests/test_content_types.py
+++ b/keystone/tests/test_content_types.py
@@ -260,16 +260,6 @@ class CoreApiTests(object):
             token=token)
         self.assertValidTenantResponse(r)
 
-    def test_get_user_roles(self):
-        # The server responds with a 501 Not Implemented. See bug 933565.
-
-        token = self.get_scoped_token()
-        self.admin_request(
-            path='/v2.0/users/%(user_id)s/roles' % {
-                'user_id': self.user_foo['id'],
-            },
-            token=token, expected_status=501)
-
     def test_get_user_roles_with_tenant(self):
         token = self.get_scoped_token()
         r = self.admin_request(