diff --git a/lib/adminpage.js b/lib/adminpage.js
index c0e2843..4d24704 100644
--- a/lib/adminpage.js
+++ b/lib/adminpage.js
@@ -6,6 +6,7 @@ import idp from './idp.js';
 import errorpages from '../util/errorpage.js'
 import { decodeJWT, createJWT } from '../util/jwt.js';
 import log from '../util/logging.js'
+import authz from './authz.js'
 
 var redirectBasePath = getRedirectBasepath()
 
@@ -26,7 +27,7 @@ async function verifyAdminJwt(req, res, next) {
             return
         }
         var allowedGroups = getConfig().admin.allowed_groups
-        var foundGroups = await checkUserGroupMembership(decodedJwt, allowedGroups)
+        var foundGroups = await authz.checkUserGroupMembership(decodedJwt, allowedGroups)
         if (foundGroups.length > 0) {
             next()
         } else {
@@ -103,12 +104,6 @@ async function killSession(req, res) {
     res.redirect(redirectBasePath + '/admin/sessions/')
 }
 
-async function checkUserGroupMembership(user, groups) {
-    // FIXME Change this to be a set in memory as part of the idpUpdate
-    let set = new Set(user.groups);
-    return groups.filter(item => set.has(item));
-}
-
 export default {
     renderSessionsPage,
     killSession,