diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py
index f00a12f3d..c03e4a9b1 100644
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@@ -1,4 +1,5 @@
 """User API Views"""
+from datetime import timedelta
 from json import loads
 from typing import Optional
 
@@ -7,6 +8,7 @@ from django.db.transaction import atomic
 from django.db.utils import IntegrityError
 from django.urls import reverse_lazy
 from django.utils.http import urlencode
+from django.utils.timezone import now
 from django.utils.translation import gettext as _
 from django_filters.filters import BooleanFilter, CharFilter, ModelMultipleChoiceFilter
 from django_filters.filterset import FilterSet
@@ -274,6 +276,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
                     identifier=f"service-account-{username}-password",
                     intent=TokenIntents.INTENT_APP_PASSWORD,
                     user=user,
+                    expires=now() + timedelta(days=360),
                 )
                 return Response({"username": user.username, "token": token.key})
             except (IntegrityError) as exc:
diff --git a/web/src/pages/users/ServiceAccountForm.ts b/web/src/pages/users/ServiceAccountForm.ts
index fc533d259..54e766a46 100644
--- a/web/src/pages/users/ServiceAccountForm.ts
+++ b/web/src/pages/users/ServiceAccountForm.ts
@@ -74,6 +74,9 @@ export class ServiceAccountForm extends Form<UserServiceAccountRequest> {
                         value=${ifDefined(this.result?.token)}
                         class="pf-c-form-control"
                     />
+                    <p class="pf-c-form__helper-text">
+                        ${t`Valid for 360 days, after which the password will automatically rotate. You can copy the password from the Token List.`}
+                    </p>
                 </ak-form-element-horizontal>
             </form>`;
     }