diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 5e32606622bebac2fd0e217c8a70768b8b2d90ed..151b99434bcb822d4d8ea812b60d7b7d9928438b 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -9,6 +9,11 @@ and this project adheres to `Semantic Versioning`_.
 Unreleased
 ----------
 
+Added
+~~~~~
+
+* [OAuth] Expired tokens are now cleared in a periodic task
+
 Changed
 ~~~~~~~
 
diff --git a/aleksis/core/tasks.py b/aleksis/core/tasks.py
index 13eb76444b77e84ca7509958f02517c98b678296..97ccfa2270b9d87ab8698414ce87c53f06446d22 100644
--- a/aleksis/core/tasks.py
+++ b/aleksis/core/tasks.py
@@ -40,3 +40,11 @@ def backup_data() -> None:
     # Hand off to dbbackup's management commands
     management.call_command("dbbackup", *db_options)
     management.call_command("mediabackup", *media_options)
+
+
+@app.task(run_every=timedelta(days=1))
+def clear_oauth_tokens():
+    """Clear expired OAuth2 tokens."""
+    from oauth2_provider.models import clear_tokens  # noqa
+
+    return clear_tokens()
diff --git a/pyproject.toml b/pyproject.toml
index 9c6f2e14986568e10b42597cbb10948681006aec..0587d6373842c71e486667f13036971d2cd9cb72 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -113,7 +113,7 @@ django-allauth = "^0.47.0"
 django-uwsgi-ng = "^1.1.0"
 django-extensions = "^3.1.1"
 ipython = "^8.0.0"
-django-oauth-toolkit = "^1.6.2"
+django-oauth-toolkit = "^1.7.0"
 django-redis = "^5.0.0"
 django-storages = {version = "^1.11.1", optional = true}
 boto3 = {version = "^1.17.33", optional = true}