diff --git a/crates/handlers/src/oauth2/introspection.rs b/crates/handlers/src/oauth2/introspection.rs
index 421e10cbb..608871e54 100644
--- a/crates/handlers/src/oauth2/introspection.rs
+++ b/crates/handlers/src/oauth2/introspection.rs
@@ -151,6 +151,7 @@ const INACTIVE: IntrospectionResponse = IntrospectionResponse {
     username: None,
     token_type: None,
     exp: None,
+    expires_in: None,
     iat: None,
     nbf: None,
     sub: None,
@@ -281,6 +282,9 @@ pub(crate) async fn post(
                 username,
                 token_type: Some(OAuthTokenTypeHint::AccessToken),
                 exp: access_token.expires_at,
+                expires_in: access_token
+                    .expires_at
+                    .map(|expires_at| expires_at.signed_duration_since(clock.now())),
                 iat: Some(access_token.created_at),
                 nbf: Some(access_token.created_at),
                 sub,
@@ -341,6 +345,7 @@ pub(crate) async fn post(
                 username,
                 token_type: Some(OAuthTokenTypeHint::RefreshToken),
                 exp: None,
+                expires_in: None,
                 iat: Some(refresh_token.created_at),
                 nbf: Some(refresh_token.created_at),
                 sub,
@@ -414,6 +419,9 @@ pub(crate) async fn post(
                 username: Some(user.username),
                 token_type: Some(OAuthTokenTypeHint::AccessToken),
                 exp: access_token.expires_at,
+                expires_in: access_token
+                    .expires_at
+                    .map(|expires_at| expires_at.signed_duration_since(clock.now())),
                 iat: Some(access_token.created_at),
                 nbf: Some(access_token.created_at),
                 sub: Some(user.sub),
@@ -487,6 +495,7 @@ pub(crate) async fn post(
                 username: Some(user.username),
                 token_type: Some(OAuthTokenTypeHint::RefreshToken),
                 exp: None,
+                expires_in: None,
                 iat: Some(refresh_token.created_at),
                 nbf: Some(refresh_token.created_at),
                 sub: Some(user.sub),
diff --git a/crates/oauth2-types/src/requests.rs b/crates/oauth2-types/src/requests.rs
index 0b452ff72..631b33309 100644
--- a/crates/oauth2-types/src/requests.rs
+++ b/crates/oauth2-types/src/requests.rs
@@ -767,6 +767,11 @@ pub struct IntrospectionResponse {
     #[serde_as(as = "Option<TimestampSeconds>")]
     pub exp: Option<DateTime<Utc>>,
 
+    /// Relative timestamp indicating when the token will expire,
+    /// in seconds from the current instant.
+    #[serde_as(as = "Option<DurationSeconds<i64>>")]
+    pub expires_in: Option<Duration>,
+
     /// Timestamp indicating when the token was issued.
     #[serde_as(as = "Option<TimestampSeconds>")]
     pub iat: Option<DateTime<Utc>>,