diff --git a/src/core/mod.rs b/src/core/mod.rs
index a8c265408..dd15d8705 100644
--- a/src/core/mod.rs
+++ b/src/core/mod.rs
@@ -988,9 +988,7 @@ impl Tracker {
     /// # Errors
     ///
     /// Will return a `key::Error` if unable to get any `auth_key`.
-    pub async fn verify_auth_key(&self, key: &Key) -> Result<(), auth::Error> {
-        // code-review: this function is public only because it's used in a test.
-        // We should change the test and make it private.
+    async fn verify_auth_key(&self, key: &Key) -> Result<(), auth::Error> {
         match self.keys.read().await.get(key) {
             None => Err(auth::Error::UnableToReadKey {
                 location: Location::caller(),
@@ -1830,13 +1828,11 @@ mod tests {
 
                 #[tokio::test]
                 async fn it_should_verify_a_valid_authentication_key() {
-                    // todo: this should not be tested directly because
-                    // `verify_auth_key` should be a private method.
                     let tracker = private_tracker();
 
                     let expiring_key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();
 
-                    assert!(tracker.verify_auth_key(&expiring_key.key()).await.is_ok());
+                    assert!(tracker.authenticate(&expiring_key.key()).await.is_ok());
                 }
 
                 #[tokio::test]
diff --git a/tests/servers/api/v1/contract/context/auth_key.rs b/tests/servers/api/v1/contract/context/auth_key.rs
index cd6d2544f..41f421ca6 100644
--- a/tests/servers/api/v1/contract/context/auth_key.rs
+++ b/tests/servers/api/v1/contract/context/auth_key.rs
@@ -26,10 +26,9 @@ async fn should_allow_generating_a_new_random_auth_key() {
 
     let auth_key_resource = assert_auth_key_utf8(response).await;
 
-    // Verify the key with the tracker
     assert!(env
         .tracker
-        .verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
+        .authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
         .await
         .is_ok());
 
@@ -49,10 +48,9 @@ async fn should_allow_uploading_a_preexisting_auth_key() {
 
     let auth_key_resource = assert_auth_key_utf8(response).await;
 
-    // Verify the key with the tracker
     assert!(env
         .tracker
-        .verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
+        .authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
         .await
         .is_ok());
 
@@ -357,10 +355,9 @@ mod deprecated_generate_key_endpoint {
 
         let auth_key_resource = assert_auth_key_utf8(response).await;
 
-        // Verify the key with the tracker
         assert!(env
             .tracker
-            .verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
+            .authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
             .await
             .is_ok());