diff --git a/spec/concerns/authenticable_spec.rb b/spec/concerns/authenticable_spec.rb
index 781c6c26d..e5d5a59b2 100644
--- a/spec/concerns/authenticable_spec.rb
+++ b/spec/concerns/authenticable_spec.rb
@@ -402,12 +402,11 @@
   end
 
   describe "get_payload" do
+    let (:payload) { subject.get_payload(
+      uid: subject.symbol.downcase, user: subject, password: 12_345,
+    ) }
     it "works" do
-      expect(
-        subject.get_payload(
-          uid: subject.symbol.downcase, user: subject, password: 12_345,
-        ),
-      ).to eq(
+      expect(payload).to eq(
         "uid" => subject.symbol.downcase,
         "name" => subject.name,
         "email" => subject.system_email,
@@ -416,5 +415,9 @@
         "client_id" => subject.symbol.downcase,
       )
     end
+
+    it "does not contain password" do
+      expect(payload).to include("role_id")
+    end
   end
 end