diff --git a/webhooks/invitation_webhook.go b/webhooks/invitation_webhook.go
index 80c8176b..bf79554f 100644
--- a/webhooks/invitation_webhook.go
+++ b/webhooks/invitation_webhook.go
@@ -5,10 +5,8 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/google/uuid"
 	"go.uber.org/multierr"
 	authenticationv1 "k8s.io/api/authentication/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/kubernetes/pkg/apis/authorization"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -86,9 +84,6 @@ func canEditTarget(ctx context.Context, c client.Client, user authenticationv1.U
 	ra.Verb = verb
 
 	rw := authorization.SubjectAccessReview{
-		ObjectMeta: metav1.ObjectMeta{
-			Name: uuid.New().String(),
-		},
 		Spec: authorization.SubjectAccessReviewSpec{
 			ResourceAttributes: ra,
 			User:               user.Username,
diff --git a/webhooks/invitation_webhook_test.go b/webhooks/invitation_webhook_test.go
index 9e25f444..fd0ecc76 100644
--- a/webhooks/invitation_webhook_test.go
+++ b/webhooks/invitation_webhook_test.go
@@ -16,7 +16,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
-	ktesting "k8s.io/client-go/testing"
 	"k8s.io/kubernetes/pkg/apis/authorization"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
@@ -331,18 +330,19 @@ func prepareInvitationValidatorTest(t *testing.T, sarAllowedUser string, initObj
 		Kind:    "RoleBinding",
 	}, meta.RESTScopeNamespace)
 
-	tr := subjectAccessReviewResponder{
-		ktesting.NewObjectTracker(scheme, clientgoscheme.Codecs.UniversalDecoder()),
-		sarAllowedUser,
-	}
+	var client client.WithWatch
 
-	client := fake.NewClientBuilder().
+	client = fake.NewClientBuilder().
 		WithScheme(scheme).
 		WithObjects(initObjs...).
 		WithRESTMapper(drm).
-		WithObjectTracker(tr).
 		Build()
 
+	client = subjectAccessReviewResponder{
+		client,
+		sarAllowedUser,
+	}
+
 	iv := &InvitationValidator{}
 	iv.InjectClient(client)
 	iv.InjectDecoder(decoder)
@@ -350,18 +350,18 @@ func prepareInvitationValidatorTest(t *testing.T, sarAllowedUser string, initObj
 	return iv
 }
 
-// subjectAccessReviewResponder is a wrapper for testing.ObjectTracker that responds to SubjectAccessReview create requests
+// subjectAccessReviewResponder is a wrapper for client.WithWatch that responds to SubjectAccessReview create requests
 // and allows or denies the request based on the allowedUser name.
 type subjectAccessReviewResponder struct {
-	ktesting.ObjectTracker
+	client.WithWatch
 
 	allowedUser string
 }
 
-func (r subjectAccessReviewResponder) Create(gvr schema.GroupVersionResource, obj runtime.Object, ns string) error {
+func (r subjectAccessReviewResponder) Create(ctx context.Context, obj client.Object, opts ...client.CreateOption) error {
 	if sar, ok := obj.(*authorization.SubjectAccessReview); ok {
 		sar.Status.Allowed = sar.Spec.User == r.allowedUser
 		return nil
 	}
-	return r.ObjectTracker.Create(gvr, obj, ns)
+	return r.WithWatch.Create(ctx, obj, opts...)
 }