diff --git a/api/http/proxy/factory/kubernetes/token.go b/api/http/proxy/factory/kubernetes/token.go
index 0e84f2d83..bfcc145d8 100644
--- a/api/http/proxy/factory/kubernetes/token.go
+++ b/api/http/proxy/factory/kubernetes/token.go
@@ -45,7 +45,7 @@ func (manager *tokenManager) getAdminServiceAccountToken() string {
 return manager.adminToken
 }
-func (manager *tokenManager) getUserServiceAccountToken(userID int, username string) (string, error) {
+func (manager *tokenManager) getUserServiceAccountToken(userID int) (string, error) {
 manager.mutex.Lock()
 defer manager.mutex.Unlock()
@@ -61,12 +61,12 @@ func (manager *tokenManager) getUserServiceAccountToken(userID int, username str
 teamIds = append(teamIds, int(membership.TeamID))
 }
- err = manager.kubecli.SetupUserServiceAccount(userID, username, teamIds)
+ err = manager.kubecli.SetupUserServiceAccount(userID, teamIds)
 if err != nil {
 return "", err
 }
- serviceAccountToken, err := manager.kubecli.GetServiceAccountBearerToken(userID, username)
+ serviceAccountToken, err := manager.kubecli.GetServiceAccountBearerToken(userID)
 if err != nil {
 return "", err
 }
diff --git a/api/http/proxy/factory/kubernetes/transport.go b/api/http/proxy/factory/kubernetes/transport.go
index 7837ce647..4fbacf590 100644
--- a/api/http/proxy/factory/kubernetes/transport.go
+++ b/api/http/proxy/factory/kubernetes/transport.go
@@ -59,7 +59,7 @@ func (transport *localTransport) RoundTrip(request *http.Request) (*http.Respons
 if tokenData.Role == portainer.AdministratorRole {
 token = transport.tokenManager.getAdminServiceAccountToken()
 } else {
- token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID), tokenData.Username)
+ token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
 if err != nil {
 return nil, err
 }
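Review bot: In token.go, getUserServiceAccountToken takes `manager.mutex` with a deferred unlock at the top of the function and then, in the second hunk, calls SetupUserServiceAccount and GetServiceAccountBearerToken while still holding it, so one slow or unreachable cluster API call stalls every other caller waiting on this function. The lines between the two hunks are not visible here, so an early return on a cached token cannot be confirmed, but the lock scope is the same either way. If that serialisation is intended, say so above the calls: `// mutex stays held across the Kubernetes API calls below; a slow cluster blocks other users' token lookups`.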
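Review bot: The admin-versus-user token selection in localTransport.RoundTrip is repeated unchanged in agentTransport.RoundTrip and edgeTransport.RoundTrip, which is why this signature change needed three identical edits; a later edit that reaches only two of them would leave one transport choosing its bearer token differently from the others. Moving the branch into one tokenManager method called from all three keeps the decision of who receives the admin token in a single place. The RoundTrip bodies start and end outside these hunks, so the sketch covers only the visible branch and assumes tokenData.Role and tokenData.ID have the portainer.UserRole and portainer.UserID types.

```go
// tokenFor picks the bearer token for the authenticated caller: the shared
// admin token for administrators, the per-user service account token otherwise.
func (manager *tokenManager) tokenFor(role portainer.UserRole, userID portainer.UserID) (string, error) {
	if role == portainer.AdministratorRole {
		return manager.getAdminServiceAccountToken(), nil
	}
	return manager.getUserServiceAccountToken(int(userID))
}

// in each RoundTrip, replacing the if/else shown in the hunk:
token, err = transport.tokenManager.tokenFor(tokenData.Role, tokenData.ID)
// … unchanged: err check and return …
```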
@@ -94,7 +94,7 @@ func (transport *agentTransport) RoundTrip(request *http.Request) (*http.Respons
 if tokenData.Role == portainer.AdministratorRole {
 token = transport.tokenManager.getAdminServiceAccountToken()
 } else {
- token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID), tokenData.Username)
+ token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
 if err != nil {
 return nil, err
 }
@@ -136,7 +136,7 @@ func (transport *edgeTransport) RoundTrip(request *http.Request) (*http.Response
 if tokenData.Role == portainer.AdministratorRole {
 token = transport.tokenManager.getAdminServiceAccountToken()
 } else {
- token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID), tokenData.Username)
+ token, err = transport.tokenManager.getUserServiceAccountToken(int(tokenData.ID))
 if err != nil {
 return nil, err
 }
diff --git a/api/kubernetes/cli/naming.go b/api/kubernetes/cli/naming.go
index 9c101e5bd..cbc0c4675 100644
--- a/api/kubernetes/cli/naming.go
+++ b/api/kubernetes/cli/naming.go
@@ -13,8 +13,8 @@ const (
 portainerConfigMapAccessPoliciesKey = "NamespaceAccessPolicies"
 )
-func userServiceAccountName(userID int, username string) string {
- return fmt.Sprintf("%s-%d-%s", portainerUserServiceAccountPrefix, userID, username)
+func userServiceAccountName(userID int) string {
+ return fmt.Sprintf("%s-%d", portainerUserServiceAccountPrefix, userID)
 }
 func userServiceAccountTokenSecretName(serviceAccountName string) string {
diff --git a/api/kubernetes/cli/service_account.go b/api/kubernetes/cli/service_account.go
index 1af1b47f9..52e1b1fe5 100644
--- a/api/kubernetes/cli/service_account.go
+++ b/api/kubernetes/cli/service_account.go
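Review bot: With the username dropped from userServiceAccountName in naming.go, service accounts already created under the old prefix-ID-username form are no longer looked up, and nothing in this diff deletes them. Their token secrets, and the RoleBinding and ClusterRoleBinding rules that SetupUserServiceAccount is documented to create, would presumably stay usable in the cluster. A cleanup step on upgrade, or at least an operator-facing note, would close that gap. The function also has no doc comment; `// userServiceAccountName derives the ServiceAccount name from the user ID alone; accounts named with the older ID-plus-username scheme are not matched.` would record the contract.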
@@ -8,8 +8,8 @@ import (
 )
 // GetServiceAccountBearerToken returns the ServiceAccountToken associated to the specified user.
-func (kcl *KubeClient) GetServiceAccountBearerToken(userID int, username string) (string, error) {
- serviceAccountName := userServiceAccountName(userID, username)
+func (kcl *KubeClient) GetServiceAccountBearerToken(userID int) (string, error) {
+ serviceAccountName := userServiceAccountName(userID)
 return kcl.getServiceAccountToken(serviceAccountName)
 }
@@ -17,8 +17,8 @@ func (kcl *KubeClient) GetServiceAccountBearerToken(userID int, username string)
 // SetupUserServiceAccount will make sure that all the required resources are created inside the Kubernetes
 // cluster before creating a ServiceAccount and a ServiceAccountToken for the specified Portainer user.
 //It will also create required default RoleBinding and ClusterRoleBinding rules.
-func (kcl *KubeClient) SetupUserServiceAccount(userID int, username string, teamIDs []int) error {
- serviceAccountName := userServiceAccountName(userID, username)
+func (kcl *KubeClient) SetupUserServiceAccount(userID int, teamIDs []int) error {
+ serviceAccountName := userServiceAccountName(userID)
 err := kcl.ensureRequiredResourcesExist()
 if err != nil {
diff --git a/api/portainer.go b/api/portainer.go
index fab4fdd46..b96cfdbe7 100644
--- a/api/portainer.go
+++ b/api/portainer.go
@@ -961,8 +961,8 @@ type (
 // KubeClient represents a service used to query a Kubernetes environment
 KubeClient interface {
- SetupUserServiceAccount(userID int, username string, teamIDs []int) error
- GetServiceAccountBearerToken(userID int, username string) (string, error)
+ SetupUserServiceAccount(userID int, teamIDs []int) error
+ GetServiceAccountBearerToken(userID int) (string, error)
 StartExecProcess(namespace, podName, containerName string, command []string, stdin io.Reader, stdout io.Writer) error
 }