diff --git a/django_auth_adfs/backend.py b/django_auth_adfs/backend.py
index a132022..de755a9 100644
--- a/django_auth_adfs/backend.py
+++ b/django_auth_adfs/backend.py
@@ -69,6 +69,7 @@ def validate_access_token(self, access_token):
                     audience=settings.AUDIENCE,
                     issuer=provider_config.issuer,
                     options=options,
+                    leeway=settings.JWT_LEEWAY
                 )
             except jwt.ExpiredSignatureError as error:
                 logger.info("Signature has expired: %s", error)
diff --git a/django_auth_adfs/config.py b/django_auth_adfs/config.py
index 30830d7..e6051f9 100644
--- a/django_auth_adfs/config.py
+++ b/django_auth_adfs/config.py
@@ -68,6 +68,7 @@ def __init__(self):
         self.TENANT_ID = None  # Required
         self.TIMEOUT = 5
         self.USERNAME_CLAIM = "winaccountname"
+        self.JWT_LEEWAY = 0
 
         required_settings = [
             "AUDIENCE",