diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
index bc739ea1b..9e0f7117e 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/service/JPAEntityDescriptorServiceImpl.java
@@ -326,7 +326,6 @@ public EntityDescriptorRepresentation createRepresentationFromDescriptor(org.ope
     @Override
     public void delete(String resourceId) throws ForbiddenException, EntityNotFoundException {
         EntityDescriptor ed = getEntityDescriptorByResourceId(resourceId);
-        // @TODO - need authorization check for group? The controller probably is only allowing admins to delete
         if (ed.isServiceEnabled()) {
             throw new ForbiddenException("Deleting an enabled Metadata Source is not allowed. Disable the source and try again.");
         }