diff --git a/terraform/cluster/do/kubeconfig.tpl b/terraform/cluster/do/kubeconfig.tpl
index 0f02e68..e9348b3 100644
--- a/terraform/cluster/do/kubeconfig.tpl
+++ b/terraform/cluster/do/kubeconfig.tpl
@@ -15,5 +15,4 @@ preferences: {}
 users:
 - name: do
   user:
-    client-certificate-data: ${client_certificate}
-    client-key-data: ${client_key}
+    token: ${token}
diff --git a/terraform/cluster/do/main.tf b/terraform/cluster/do/main.tf
index 7e06f9a..bac59ea 100644
--- a/terraform/cluster/do/main.tf
+++ b/terraform/cluster/do/main.tf
@@ -50,9 +50,8 @@ resource "local_file" "kubeconfig" {
 
   filename = pathexpand("~/.kube/config.do.${var.name}")
   content = templatefile("${path.module}/kubeconfig.tpl", {
-    ca                 = digitalocean_kubernetes_cluster.rack.kube_config[0].cluster_ca_certificate
-    client_certificate = base64encode(digitalocean_kubernetes_cluster.rack.kube_config[0].client_certificate)
-    client_key         = base64encode(digitalocean_kubernetes_cluster.rack.kube_config[0].client_key)
-    endpoint           = digitalocean_kubernetes_cluster.rack.endpoint
+    ca       = digitalocean_kubernetes_cluster.rack.kube_config[0].cluster_ca_certificate
+    endpoint = digitalocean_kubernetes_cluster.rack.endpoint
+    token    = digitalocean_kubernetes_cluster.rack.kube_config[0].token
   })
 }
diff --git a/terraform/cluster/do/outputs.tf b/terraform/cluster/do/outputs.tf
index 9507c7d..d266302 100644
--- a/terraform/cluster/do/outputs.tf
+++ b/terraform/cluster/do/outputs.tf
@@ -3,16 +3,6 @@ output "ca" {
   value      = base64decode(digitalocean_kubernetes_cluster.rack.kube_config[0].cluster_ca_certificate)
 }
 
-output "client_certificate" {
-  depends_on = [digitalocean_kubernetes_cluster.rack]
-  value      = digitalocean_kubernetes_cluster.rack.kube_config[0].client_certificate
-}
-
-output "client_key" {
-  depends_on = [digitalocean_kubernetes_cluster.rack]
-  value      = digitalocean_kubernetes_cluster.rack.kube_config[0].client_key
-}
-
 output "endpoint" {
   depends_on = [digitalocean_kubernetes_cluster.rack]
   value      = digitalocean_kubernetes_cluster.rack.endpoint
@@ -22,3 +12,8 @@ output "name" {
   depends_on = [digitalocean_kubernetes_cluster.rack]
   value      = digitalocean_kubernetes_cluster.rack.name
 }
+
+output "token" {
+  depends_on = [digitalocean_kubernetes_cluster.rack]
+  value      = digitalocean_kubernetes_cluster.rack.kube_config[0].token
+}
diff --git a/terraform/system/do/main.tf b/terraform/system/do/main.tf
index d71bf80..8f2f07e 100644
--- a/terraform/system/do/main.tf
+++ b/terraform/system/do/main.tf
@@ -13,10 +13,9 @@ provider "http" {
 provider "kubernetes" {
   version = "~> 1.10"
 
-  client_certificate     = module.cluster.client_certificate
-  client_key             = module.cluster.client_key
   cluster_ca_certificate = module.cluster.ca
   host                   = module.cluster.endpoint
+  token                  = module.cluster.token
 
   load_config_file = false
 }