diff --git a/authmate/authmate.go b/authmate/authmate.go
index a9085a66..b7b4bf29 100644
--- a/authmate/authmate.go
+++ b/authmate/authmate.go
@@ -12,7 +12,6 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
-	v2acl "github.com/nspcc-dev/neofs-api-go/v2/acl"
 	"github.com/nspcc-dev/neofs-s3-gw/api/cache"
 	"github.com/nspcc-dev/neofs-s3-gw/creds/accessbox"
 	"github.com/nspcc-dev/neofs-s3-gw/creds/tokens"
@@ -318,20 +317,11 @@ func (a *Agent) ObtainSecret(ctx context.Context, w io.Writer, options *ObtainSe
 }
 
 func buildEACLTable(eaclTable []byte) (*eacl.Table, error) {
+	table := eacl.NewTable()
 	if len(eaclTable) != 0 {
-		// fixme(neofs-sdk-go/#235)
-		// Can't parse SDK version of eACL table because it requires
-		// non-empty container ID. Possible solution: read json of bearer
-		// token instead of eACL table.
-		v2table := new(v2acl.Table)
-		err := v2table.UnmarshalJSON(eaclTable)
-		if err != nil {
-			return nil, err
-		}
-		return eacl.NewTableFromV2(v2table), nil
+		return table, table.UnmarshalJSON(eaclTable)
 	}
 
-	table := eacl.NewTable()
 	record := eacl.NewRecord()
 	record.SetOperation(eacl.OperationGet)
 	record.SetAction(eacl.ActionAllow)