diff --git a/authentik/core/models.py b/authentik/core/models.py
index 29e62c783..c9c0a44df 100644
--- a/authentik/core/models.py
+++ b/authentik/core/models.py
@@ -62,7 +62,7 @@ def default_token_key():
     """Default token key"""
     # We use generate_id since the chars in the key should be easy
     # to use in Emails (for verification) and URLs (for recovery)
-    return generate_id(128)
+    return generate_id(int(CONFIG.y("default_token_length")))
 
 
 class Group(models.Model):
diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml
index 589e603ab..a84e734d2 100644
--- a/authentik/lib/default.yml
+++ b/authentik/lib/default.yml
@@ -71,3 +71,4 @@ default_user_change_username: true
 
 gdpr_compliance: true
 cert_discovery_dir: /certs
+default_token_length: 128
diff --git a/website/docs/installation/configuration.md b/website/docs/installation/configuration.md
index d07aad13f..b39d56fea 100644
--- a/website/docs/installation/configuration.md
+++ b/website/docs/installation/configuration.md
@@ -179,6 +179,14 @@ Requires authentik 2021.12.1
 
 When enabled, all the events caused by a user will be deleted upon the user's deletion. Defaults to `true`.
 
+### AUTHENTIK_DEFAULT_TOKEN_LENGTH
+
+:::info
+Requires authentik 2022.4.1
+:::
+
+Configure the length of generated tokens. Defaults to 128.
+
 ### AUTHENTIK_FOOTER_LINKS
 
 :::info