diff --git a/.env.example b/.env.example
index 4608c185b..6e41e009d 100644
--- a/.env.example
+++ b/.env.example
@@ -76,6 +76,7 @@ ENCRYPT=false
 COOKIE_NAME=snipeit_session
 COOKIE_DOMAIN=null
 SECURE_COOKIES=false
+API_TOKEN_EXPIRATION_YEARS=40
 
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index efdbec0c0..067af8ccb 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -87,9 +87,9 @@ class AuthServiceProvider extends ServiceProvider
 
         $this->registerPolicies();
         Passport::routes();
-        Passport::tokensExpireIn(Carbon::now()->addYears(20));
-        Passport::refreshTokensExpireIn(Carbon::now()->addYears(20));
-        Passport::personalAccessTokensExpireIn(Carbon::now()->addYears(20));
+        Passport::tokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
+        Passport::refreshTokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
+        Passport::personalAccessTokensExpireIn(Carbon::now()->addYears(config('passport.expiration_years')));
         Passport::withCookieSerialization();
 
 
diff --git a/config/passport.php b/config/passport.php
index 1d9244514..b8342a6b5 100644
--- a/config/passport.php
+++ b/config/passport.php
@@ -12,4 +12,5 @@ return [
     */
     'private_key' => env('PASSPORT_PRIVATE_KEY'),
     'public_key' => env('PASSPORT_PUBLIC_KEY'),
+    'expiration_years' => env('API_TOKEN_EXPIRATION_YEARS', 20),
 ];
\ No newline at end of file