diff --git a/authentik/api/authentication.py b/authentik/api/authentication.py
index 1e4870828..32e5949d7 100644
--- a/authentik/api/authentication.py
+++ b/authentik/api/authentication.py
@@ -1,6 +1,6 @@
 """API Authentication"""
 from typing import Any, Optional
-
+from hmac import compare_digest
 from django.conf import settings
 from rest_framework.authentication import BaseAuthentication, get_authorization_header
 from rest_framework.exceptions import AuthenticationFailed
@@ -78,7 +78,7 @@ def token_secret_key(value: str) -> Optional[User]:
     and return the service account for the managed outpost"""
     from authentik.outposts.apps import MANAGED_OUTPOST
 
-    if value != settings.SECRET_KEY:
+    if not compare_digest(value, settings.SECRET_KEY):
         return None
     outposts = Outpost.objects.filter(managed=MANAGED_OUTPOST)
     if not outposts:
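Review bot: The new `from hmac import compare_digest` line replaces the blank line that separated the standard-library imports from the Django and DRF ones, so the stdlib group now runs straight into the third-party group. Keeping the grouping means placing the import next to `from typing import Any, Optional` (alphabetically, `from hmac import compare_digest` goes before it) and restoring the blank line before `from django.conf import settings`. Proposed: `from hmac import compare_digest`, `from typing import Any, Optional`, then an empty line.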
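Review bot: `compare_digest(value, settings.SECRET_KEY)` on the added line raises `TypeError` when `value` contains non-ASCII characters or when the two arguments are not of the same type (both `str` or both bytes-like), and `value` here is the token taken from the request, so a client presenting such a token gets an unhandled exception instead of the `None` the old `!=` comparison produced. Comparing the byte encodings of both sides keeps the constant-time property without that failure mode: `if not compare_digest(value.encode(), str(settings.SECRET_KEY).encode()):`. The `str(...)` wrapper only matters if `SECRET_KEY` is ever configured as something other than a `str`; if the project guarantees a `str`, `settings.SECRET_KEY.encode()` is enough. The body of `token_secret_key` continues outside the hunk.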