diff --git a/authentik/providers/oauth2/models.py b/authentik/providers/oauth2/models.py
index a9b82bf84..5ee94bfe2 100644
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@@ -474,7 +474,7 @@ class RefreshToken(ExpiringModel, BaseGrantModel):
         now = int(time.time())
         iat_time = now
         exp_time = int(
-            now + timedelta_from_string(self.provider.token_validity).seconds
+            now + timedelta_from_string(self.provider.token_validity).total_seconds()
         )
         # We use the timestamp of the user's last successful login (EventAction.LOGIN) for auth_time
         auth_events = Event.objects.filter(
diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py
index 5319ce40d..3728c92b5 100644
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@@ -374,9 +374,9 @@ class OAuthFulfillmentStage(StageView):
             query_fragment["code"] = code.code
 
         query_fragment["token_type"] = "bearer"
-        query_fragment["expires_in"] = timedelta_from_string(
-            self.provider.token_validity
-        ).seconds
+        query_fragment["expires_in"] = int(
+            timedelta_from_string(self.provider.token_validity).total_seconds()
+        )
         query_fragment["state"] = self.params.state if self.params.state else ""
 
         return query_fragment
diff --git a/authentik/providers/oauth2/views/token.py b/authentik/providers/oauth2/views/token.py
index c0d85a345..7c78eed16 100644
--- a/authentik/providers/oauth2/views/token.py
+++ b/authentik/providers/oauth2/views/token.py
@@ -215,9 +215,11 @@ class TokenView(View):
             "access_token": refresh_token.access_token,
             "refresh_token": refresh_token.refresh_token,
             "token_type": "bearer",
-            "expires_in": timedelta_from_string(
-                self.params.provider.token_validity
-            ).seconds,
+            "expires_in": int(
+                timedelta_from_string(
+                    self.params.provider.token_validity
+                ).total_seconds()
+            ),
             "id_token": refresh_token.provider.encode(refresh_token.id_token.to_dict()),
         }
 
@@ -258,9 +260,11 @@ class TokenView(View):
             "access_token": refresh_token.access_token,
             "refresh_token": refresh_token.refresh_token,
             "token_type": "bearer",
-            "expires_in": timedelta_from_string(
-                refresh_token.provider.token_validity
-            ).seconds,
+            "expires_in": int(
+                timedelta_from_string(
+                    refresh_token.provider.token_validity
+                ).total_seconds()
+            ),
             "id_token": self.params.provider.encode(refresh_token.id_token.to_dict()),
         }