diff --git a/api/oidc.go b/api/oidc.go
index 6bec28b..b61e23c 100644
--- a/api/oidc.go
+++ b/api/oidc.go
@@ -424,10 +424,11 @@ func (a *OIDCAPI) resolveUser(info *oidc.UserInfo) (*model.User, int, error) {
 func (a *OIDCAPI) createClient(name string, userID uint) (*model.Client, error) {
 elevatedUntil := time.Now().Add(model.DefaultElevationDuration)
 client := &model.Client{
- Name: name,
- Token: auth.GenerateNotExistingToken(generateClientToken, func(t string) bool { c, _ := a.DB.GetClientByToken(t); return c != nil }),
- UserID: userID,
- ElevatedUntil: &elevatedUntil,
+ Name: name,
+ Token: auth.GenerateNotExistingToken(generateClientToken, func(t string) bool { c, _ := a.DB.GetClientByToken(t); return c != nil }),
+ UserID: userID,
+ ElevatedUntil: &elevatedUntil,
+ ExpiresAfterInactivitySeconds: auth.CookieMaxAge,
 }
 return client, a.DB.CreateClient(client)
 }
diff --git a/api/oidc_test.go b/api/oidc_test.go
index 0edf0c7..473e57f 100644
--- a/api/oidc_test.go
+++ b/api/oidc_test.go
@@ -7,6 +7,7 @@ import (
 "time"
 "github.com/gin-gonic/gin"
+ "github.com/gotify/server/v2/auth"
 "github.com/gotify/server/v2/decaymap"
 "github.com/gotify/server/v2/mode"
 "github.com/gotify/server/v2/test"
@@ -153,6 +154,7 @@ func (s *OIDCSuite) Test_CreateClient() {
 assert.Equal(s.T(), "MyPhone", client.Name)
 assert.Equal(s.T(), "Ctesttoken00001", client.Token)
 assert.Equal(s.T(), uint(1), client.UserID)
+ assert.Equal(s.T(), uint(auth.CookieMaxAge), client.ExpiresAfterInactivitySeconds)
 dbClient, err := s.db.GetClientByToken("Ctesttoken00001")
 assert.NoError(s.T(), err)
diff --git a/api/session.go b/api/session.go
index 7658bd0..c72b8f5 100644
--- a/api/session.go
+++ b/api/session.go
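Review bot: In `createClient` in api/oidc.go, the new `ExpiresAfterInactivitySeconds: auth.CookieMaxAge` takes the server-side inactivity window of an OIDC-created client from a constant named for the browser cookie, and nothing in the hunk says why the two must match. The test in api/oidc_test.go creates a client named "MyPhone", so this path may also issue tokens that are never stored in a cookie; if so, a dedicated constant would make the intended lifetime explicit. At minimum, if mirroring the cookie is the intent, add a comment above the field such as `// Inactivity timeout mirrors the session cookie lifetime so the token cannot stay valid longer than the cookie.` The same field assignment is added in `Login` in api/session.go, so a shared constructor would keep the two call sites from drifting apart.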
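Review bot: The added assertion in `Test_CreateClient` (api/oidc_test.go) reads `client.ExpiresAfterInactivitySeconds` from the returned struct, so it would still pass if the field were never written to the database. The hunk fetches `dbClient` right afterwards and the test continues outside the hunk, so this may already be covered there; if not, add `assert.Equal(s.T(), uint(auth.CookieMaxAge), dbClient.ExpiresAfterInactivitySeconds)` after the `assert.NoError` on the lookup. That would match `Test_Login_Success` in api/session_test.go, which appears to assert on the stored `clients[0]`.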
@@ -77,10 +77,11 @@ func (a *SessionAPI) Login(ctx *gin.Context) {
 elevatedUntil := time.Now().Add(model.DefaultElevationDuration)
 client := model.Client{
- Name: clientParams.Name,
- Token: auth.GenerateNotExistingToken(generateClientToken, a.clientExists),
- UserID: user.ID,
- ElevatedUntil: &elevatedUntil,
+ Name: clientParams.Name,
+ Token: auth.GenerateNotExistingToken(generateClientToken, a.clientExists),
+ UserID: user.ID,
+ ElevatedUntil: &elevatedUntil,
+ ExpiresAfterInactivitySeconds: auth.CookieMaxAge,
 }
 if success := successOrAbort(ctx, 500, a.DB.CreateClient(&client)); !success {
 return
diff --git a/api/session_test.go b/api/session_test.go
index e69423c..ebe3b6f 100644
--- a/api/session_test.go
+++ b/api/session_test.go
@@ -90,6 +90,7 @@ func (s *SessionSuite) Test_Login_Success() {
 assert.NoError(s.T(), err)
 assert.Len(s.T(), clients, 1)
 assert.Equal(s.T(), "test-browser", clients[0].Name)
+ assert.Equal(s.T(), uint(auth.CookieMaxAge), clients[0].ExpiresAfterInactivitySeconds)
 }
 func (s *SessionSuite) Test_Login_WrongPassword() {
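Review bot: Only clients created by `Login` in api/session.go after this change receive `ExpiresAfterInactivitySeconds`; the visible hunks do not show what value existing rows carry or how a zero value is treated when a token is checked. If zero means no inactivity limit, sessions issued before the upgrade would stay valid indefinitely, which deserves a migration or at least a note in the commit description. A comment above the field would record the scope, for example `// Applies to newly created clients only; clients that predate this field keep their stored value.` The tests added here assert the stored value only, so a test that an idle token is rejected after the window would pin the behaviour, unless one exists outside this diff. `Login` continues outside the hunk.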