diff --git a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java index 86455491dc0..790ba56bd4d 100644 --- a/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java +++ b/components/org.wso2.carbon.identity.oauth.common/src/main/java/org/wso2/carbon/identity/oauth/common/OAuthConstants.java @@ -118,6 +118,7 @@ public final class OAuthConstants { //Constants used for OAuth/OpenID Connect Configuration UI public static final String CALLBACK_URL_REGEXP_PREFIX = "regexp="; + public static final String AUTHORIZATION_CODE_VALIDITY_PERIOD = "authorizationCodeValidityPeriod"; public static final String AUTHORIZATION_CODE_STORE_TABLE = "IDN_OAUTH2_AUTHORIZATION_CODE"; //Constants used for OAuth Secret Revoke and Regeneration diff --git a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl index 7c1b16100de..d9477542b49 100644 --- a/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl +++ b/components/org.wso2.carbon.identity.oauth.stub/src/main/resources/OAuthAdminService.wsdl @@ -318,6 +318,18 @@ + + + + + + + + + + + + @@ -397,6 +409,7 @@ + @@ -525,6 +538,12 @@ + + + + + + @@ -689,6 +708,10 @@ + + + + @@ -912,6 +935,15 @@ + + + + + + + + + @@ -1266,6 +1298,15 @@ + + + + + + + + + @@ -1596,6 +1637,15 @@ + + + + + + + + + diff --git a/components/org.wso2.carbon.identity.oauth.ui/src/main/java/org/wso2/carbon/identity/oauth/ui/client/OAuthAdminClient.java b/components/org.wso2.carbon.identity.oauth.ui/src/main/java/org/wso2/carbon/identity/oauth/ui/client/OAuthAdminClient.java index 61d9a90be28..14aab5467c2 100644 
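Review bot: The new `AUTHORIZATION_CODE_VALIDITY_PERIOD` key is declared under the "Constants used for OAuth/OpenID Connect Configuration UI" comment, yet the OAuthAppDAO hunks in this same diff write and read it as a persisted per-SP OIDC property next to `BACK_CHANNEL_LOGOUT_URL`, `TOKEN_BINDING_TYPE` and the other keys that live in `OAuthConstants.OIDCConfigProperties`. Declaring it there instead, `public static final String AUTHORIZATION_CODE_VALIDITY_PERIOD = "authorizationCodeValidityPeriod";` inside `OIDCConfigProperties`, keeps every property-table key in one place so that a later migration or cleanup pass over that table does not miss it. If the UI bundle genuinely needs it from the top-level class, a one-line comment such as `// Also used as the persisted SP OIDC property key in OAuthAppDAO.` would tell the next reader why it is not grouped with its siblings. The enclosing class continues outside the hunk.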
--- a/components/org.wso2.carbon.identity.oauth.ui/src/main/java/org/wso2/carbon/identity/oauth/ui/client/OAuthAdminClient.java +++ b/components/org.wso2.carbon.identity.oauth.ui/src/main/java/org/wso2/carbon/identity/oauth/ui/client/OAuthAdminClient.java @@ -186,6 +186,11 @@ public void updateOauthApplicationState(String consumerKey, String newState) thr stub.updateConsumerAppState(consumerKey, newState); } + public long getAuthorizationCodeValidityPeriod() throws RemoteException { + + return stub.getAuthorizationCodeValidityPeriod(); + } + public OAuthTokenExpiryTimeDTO getOAuthTokenExpiryTimeDTO() throws RemoteException { return stub.getTokenExpiryTimes(); diff --git a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/org/wso2/carbon/identity/oauth/ui/i18n/Resources.properties b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/org/wso2/carbon/identity/oauth/ui/i18n/Resources.properties index c1870f8f0b1..7846c9a578e 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/org/wso2/carbon/identity/oauth/ui/i18n/Resources.properties +++ b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/org/wso2/carbon/identity/oauth/ui/i18n/Resources.properties 
@@ -87,10 +87,12 @@ error.while.revoking.authorization=Error while revoking authorization for {0} revocation.success=Authorization successfully revoked for {0} next=Next prev=prev +authorization.code.validity.period=Authorization Code Validity Period user.access.token.expiry.time=User Access Token Expiry Time application.access.token.expiry.time=Application Access Token Expiry Time refresh.token.expiry.time=Refresh Token Expiry Time id.token.expiry.time=Id Token Expiry Time +invalid.authorization.code.validity.period=Invalid value for Authorization Code Validity Period invalid.user.access.token.expiry.time=Invalid value for User Access Token Expiry Time invalid.application.access.token.expiry.time=Invalid value for Application Access Token Expiry Time invalid.refresh.token.expiry.time=Invalid value for Refresh Token Expiry Time diff --git a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add-finish-ajaxprocessor.jsp b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add-finish-ajaxprocessor.jsp index 267f82825ec..aafa2dfbc67 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add-finish-ajaxprocessor.jsp +++ b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add-finish-ajaxprocessor.jsp @@ -54,6 +54,7 @@ String applicationName = request.getParameter("application"); String callback = request.getParameter("callback"); String oauthVersion = request.getParameter("oauthVersion"); + String authorizationCodeValidityPeriod = request.getParameter("authorizationCodeValidityPeriod"); String userAccessTokenExpiryTime = request.getParameter("userAccessTokenExpiryTime"); String applicationAccessTokenExpiryTime = request.getParameter("applicationAccessTokenExpiryTime"); String refreshTokenExpiryTime = request.getParameter("refreshTokenExpiryTime"); 
@@ -109,6 +110,7 @@ app.setApplicationName(applicationName); app.setCallbackUrl(callback); app.setOAuthVersion(oauthVersion); + app.setAuthorizationCodeValidityPeriod(Long.parseLong(authorizationCodeValidityPeriod)); app.setUserAccessTokenExpiryTime(Long.parseLong(userAccessTokenExpiryTime)); app.setApplicationAccessTokenExpiryTime(Long.parseLong(applicationAccessTokenExpiryTime)); app.setRefreshTokenExpiryTime(Long.parseLong(refreshTokenExpiryTime)); diff --git a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add.jsp b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add.jsp index f4498255069..96b0558f3ea 100644 --- a/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add.jsp +++ b/components/org.wso2.carbon.identity.oauth.ui/src/main/resources/web/oauth/add.jsp @@ -149,6 +149,7 @@ var callbackUrl = document.getElementById('callback').value; var oidcLogoutType = $('input[name=logoutMechanism]:checked').val(); var oidcLogoutUrl = document.getElementById('logout_url').value; + var authorizationCodeValidityPeriod = document.getElementById("authorizationCodeValidityPeriod").value; var userTokenExpiryTime = document.getElementById("userAccessTokenExpiryTime").value; var applicationTokenExpiryTime = document.getElementById("userAccessTokenExpiryTime").value; var refreshTokenExpiryTime = document.getElementById("refreshTokenExpiryTime").value; @@ -199,6 +200,10 @@ } } } + if (!isWhiteListed(authorizationCodeValidityPeriod, ["digits-only"])) { + CARBON.showWarningDialog(''); + return false; + } if (!isWhiteListed(userTokenExpiryTime, ["digits-only"])) { CARBON.showWarningDialog(''); return false; 
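Review bot: `Long.parseLong(authorizationCodeValidityPeriod)` on the new line runs directly on the request parameter read earlier in this file, so a missing or non-numeric value throws `NumberFormatException` out of the JSP, while a zero or negative value is accepted and persisted as the authorization code lifetime; the `digits-only` check added to add.jsp is client-side and can be bypassed, so it is not a control. The server should be the authority here: reject blank input and require a positive value before calling the setter, e.g. `long codeValidity = Long.parseLong(authorizationCodeValidityPeriod.trim());` followed by `if (codeValidity <= 0) { /* report invalid.authorization.code.validity.period and stop */ }`. The neighbouring expiry setters share the same pattern, but an authorization code lifetime that an admin can set arbitrarily high widens the replay window for an intercepted code (RFC 6749 §4.1.2 recommends a maximum of ten minutes), so an upper bound is worth considering as well. How this page reports validation failures is not visible in the hunk, so the error branch is only sketched.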
@@ -236,6 +241,7 @@ $(jQuery('#access_token_type_row')).hide(); $(jQuery("#pkce_enable").hide()); $(jQuery("#pkce_support_plain").hide()); + $(jQuery('#authorizationCodePlain').hide()); $(jQuery('#userAccessTokenPlain').hide()); $(jQuery('#applicationAccessTokenPlain').hide()); $(jQuery('#refreshTokenPlain').hide()); @@ -261,6 +267,7 @@ $(jQuery('#access_token_type_row')).show(); $(jQuery("#pkce_enable").show()); $(jQuery("#pkce_support_plain").show()); + $(jQuery('#authorizationCodePlain').show()); $(jQuery('#userAccessTokenPlain').show()); $(jQuery('#applicationAccessTokenPlain').show()); $(jQuery('#refreshTokenPlain').show()); @@ -685,6 +692,14 @@ + + + + + + + + + + + + getSupportedTokenBindingsMetaData() { return OAuthComponentServiceHolder.getInstance().getTokenBindingMetaDataDTOs(); } + /** + * Get the authorization code validity period property value from identity.xml file. + * + * @return authorization code validity period property value + */ + public long getAuthorizationCodeValidityPeriod() { + + return OAuthServerConfiguration.getInstance().getAuthorizationCodeValidityPeriodInSeconds(); + } + public OAuthTokenExpiryTimeDTO getTokenExpiryTimes() { OAuthTokenExpiryTimeDTO tokenExpiryTime = new OAuthTokenExpiryTimeDTO(); 
@@ -1246,38 +1259,51 @@ AuthenticatedUser buildAuthenticatedUser(String tenantAwareUser, String tenantDo return user; } + void validateAuthorizationCodeValidityPeriodConfiguration(OAuthConsumerAppDTO oAuthConsumerAppDTO) { + + if (oAuthConsumerAppDTO.getAuthorizationCodeValidityPeriod() == 0) { + oAuthConsumerAppDTO.setAuthorizationCodeValidityPeriod( + OAuthServerConfiguration.getInstance().getAuthorizationCodeValidityPeriodInSeconds()); + if (LOG.isDebugEnabled()) { + LOG.debug("Invalid value '0' set for authorization code validity period in ServiceProvider: " + + oAuthConsumerAppDTO.getApplicationName() + ". Defaulting to expiry value: " + + oAuthConsumerAppDTO.getAuthorizationCodeValidityPeriod() + " seconds."); + } + } + } + void validateTokenExpiryConfigurations(OAuthConsumerAppDTO oAuthConsumerAppDTO) { if (oAuthConsumerAppDTO.getUserAccessTokenExpiryTime() == 0) { oAuthConsumerAppDTO.setUserAccessTokenExpiryTime( OAuthServerConfiguration.getInstance().getUserAccessTokenValidityPeriodInSeconds()); - logOnInvalidConfig(oAuthConsumerAppDTO.getApplicationName(), "user access token", + logOnInvalidTokenExpiryConfig(oAuthConsumerAppDTO.getApplicationName(), "user access token", oAuthConsumerAppDTO.getUserAccessTokenExpiryTime()); } if (oAuthConsumerAppDTO.getApplicationAccessTokenExpiryTime() == 0) { oAuthConsumerAppDTO.setApplicationAccessTokenExpiryTime( OAuthServerConfiguration.getInstance().getApplicationAccessTokenValidityPeriodInSeconds()); - logOnInvalidConfig(oAuthConsumerAppDTO.getApplicationName(), "application access token", + logOnInvalidTokenExpiryConfig(oAuthConsumerAppDTO.getApplicationName(), "application access token", oAuthConsumerAppDTO.getApplicationAccessTokenExpiryTime()); } if (oAuthConsumerAppDTO.getRefreshTokenExpiryTime() == 0) { oAuthConsumerAppDTO.setRefreshTokenExpiryTime( OAuthServerConfiguration.getInstance().getRefreshTokenValidityPeriodInSeconds()); - logOnInvalidConfig(oAuthConsumerAppDTO.getApplicationName(), "refresh token", + 
logOnInvalidTokenExpiryConfig(oAuthConsumerAppDTO.getApplicationName(), "refresh token", oAuthConsumerAppDTO.getRefreshTokenExpiryTime()); } if (oAuthConsumerAppDTO.getIdTokenExpiryTime() == 0) { oAuthConsumerAppDTO.setIdTokenExpiryTime( OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenExpiryTimeInSeconds()); - logOnInvalidConfig(oAuthConsumerAppDTO.getApplicationName(), "id token", + logOnInvalidTokenExpiryConfig(oAuthConsumerAppDTO.getApplicationName(), "id token", oAuthConsumerAppDTO.getIdTokenExpiryTime()); } } - void logOnInvalidConfig(String appName, String tokenType, long defaultValue) { + void logOnInvalidTokenExpiryConfig(String appName, String tokenType, long defaultValue) { if (LOG.isDebugEnabled()) { LOG.debug("Invalid expiry time value '0' set for token type: " + tokenType + " in ServiceProvider: " + diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java index ce9eb5287c6..f53404ddb1f 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/OAuthUtil.java @@ -309,6 +309,7 @@ public static OAuthConsumerAppDTO buildConsumerAppDTO(OAuthAppDO appDO) { dto.setState(appDO.getState()); dto.setPkceMandatory(appDO.isPkceMandatory()); dto.setPkceSupportPlain(appDO.isPkceSupportPlain()); + dto.setAuthorizationCodeValidityPeriod(appDO.getAuthorizationCodeValidityPeriod()); dto.setUserAccessTokenExpiryTime(appDO.getUserAccessTokenExpiryTime()); dto.setApplicationAccessTokenExpiryTime(appDO.getApplicationAccessTokenExpiryTime()); dto.setRefreshTokenExpiryTime(appDO.getRefreshTokenExpiryTime()); 
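Review bot: `validateAuthorizationCodeValidityPeriodConfiguration` substitutes the server default only when the value is exactly `0`, so a negative period supplied through the admin service passes straight through to storage; whether the code-issuing path treats a negative lifetime as already expired or as never expiring is not visible here, but an authorization code lifetime should only be accepted when it is positive. Changing the guard to `if (oAuthConsumerAppDTO.getAuthorizationCodeValidityPeriod() <= 0) {` closes that path (the sibling checks in `validateTokenExpiryConfigurations` have the same `== 0` weakness, though that is pre-existing). As a point of style, the new method re-implements the debug message inline while this very hunk renames the shared helper; `logOnInvalidTokenExpiryConfig(oAuthConsumerAppDTO.getApplicationName(), "authorization code", oAuthConsumerAppDTO.getAuthorizationCodeValidityPeriod());` would keep the log format uniform. The caller of the new method is outside this hunk, so I am assuming it runs on the same register/update path as `validateTokenExpiryConfigurations`.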
diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java index 2d2f07f9512..3e4cf6f473d 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDAO.java @@ -61,6 +61,7 @@ import java.util.Set; import static org.wso2.carbon.identity.oauth.OAuthUtil.handleError; +import static org.wso2.carbon.identity.oauth.common.OAuthConstants.AUTHORIZATION_CODE_VALIDITY_PERIOD; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.BACK_CHANNEL_LOGOUT_URL; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.BYPASS_CLIENT_CREDENTIALS; import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCConfigProperties.FRONT_CHANNEL_LOGOUT_URL; @@ -613,6 +614,10 @@ private void addOrUpdateOIDCSpProperty(OAuthAppDO oauthAppDO, addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, TOKEN_BINDING_TYPE, oauthAppDO.getTokenBindingType(), prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + addOrUpdateOIDCSpProperty(preprocessedClientId, spTenantId, spOIDCProperties, + AUTHORIZATION_CODE_VALIDITY_PERIOD, String.valueOf(oauthAppDO.getAuthorizationCodeValidityPeriod()), + prepStatementForPropertyAdd, preparedStatementForPropertyUpdate); + // Execute batched add/update/delete. prepStatementForPropertyAdd.executeBatch(); preparedStatementForPropertyUpdate.executeBatch(); 
@@ -1050,6 +1055,10 @@ private void addServiceProviderOIDCProperties(Connection connection, addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, TOKEN_BINDING_TYPE, consumerAppDO.getTokenBindingType()); + addToBatchForOIDCPropertyAdd(processedClientId, spTenantId, prepStmtAddOIDCProperty, + AUTHORIZATION_CODE_VALIDITY_PERIOD, + String.valueOf(consumerAppDO.getAuthorizationCodeValidityPeriod())); + prepStmtAddOIDCProperty.executeBatch(); } } @@ -1136,6 +1145,17 @@ private void setSpOIDCProperties(Map> spOIDCProperties, OAu String renewRefreshToken = getFirstPropertyValue(spOIDCProperties, RENEW_REFRESH_TOKEN); oauthApp.setRenewRefreshTokenEnabled(renewRefreshToken); + long authorizationCodeValidityPeriod; + String authorizationCodeValidityPeriodProperty = getFirstPropertyValue(spOIDCProperties, + AUTHORIZATION_CODE_VALIDITY_PERIOD); + if (StringUtils.isNotBlank(authorizationCodeValidityPeriodProperty)) { + authorizationCodeValidityPeriod = Long.parseLong(authorizationCodeValidityPeriodProperty); + } else { + authorizationCodeValidityPeriod = OAuthServerConfiguration.getInstance() + .getAuthorizationCodeValidityPeriodInSeconds(); + } + oauthApp.setAuthorizationCodeValidityPeriod(authorizationCodeValidityPeriod); + } private String getFirstPropertyValue(Map> propertyMap, String key) { diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java index 7b6e63c894b..c601f140397 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dao/OAuthAppDO.java 
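Review bot: `Long.parseLong(authorizationCodeValidityPeriodProperty)` in `setSpOIDCProperties` has no `NumberFormatException` handling, so one malformed row in the SP OIDC property table (a manual edit, a migration artefact, a stray non-digit) makes the whole OAuth app unloadable from the DAO, which turns a bad setting into a denial of service against that client's authorization and token flows. The hunk already falls back to `OAuthServerConfiguration.getInstance().getAuthorizationCodeValidityPeriodInSeconds()` when the property is blank; the same fallback should apply when the stored value is unparsable or non-positive, with the rejected value logged at WARN so an operator can repair the row. The surrounding method continues outside the hunk, and the DAO's logger field is not visible here, so the log call is left as a comment in the sketch below.
```java
// … unchanged: renewRefreshToken handling …
long authorizationCodeValidityPeriod = OAuthServerConfiguration.getInstance()
        .getAuthorizationCodeValidityPeriodInSeconds();
String authorizationCodeValidityPeriodProperty = getFirstPropertyValue(spOIDCProperties,
        AUTHORIZATION_CODE_VALIDITY_PERIOD);
if (StringUtils.isNotBlank(authorizationCodeValidityPeriodProperty)) {
    try {
        long stored = Long.parseLong(authorizationCodeValidityPeriodProperty.trim());
        if (stored > 0) {
            authorizationCodeValidityPeriod = stored;
        } else {
            // log the non-positive stored value at WARN with the class logger; keep the server default
        }
    } catch (NumberFormatException e) {
        // log the unparsable stored value at WARN with the class logger; keep the server default
    }
}
oauthApp.setAuthorizationCodeValidityPeriod(authorizationCodeValidityPeriod);
```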
@@ -51,6 +51,7 @@ public class OAuthAppDO implements Serializable { private boolean pkceSupportPlain; private boolean pkceMandatory; private String state; + private long authorizationCodeValidityPeriod; private long userAccessTokenExpiryTime; private long applicationAccessTokenExpiryTime; private long refreshTokenExpiryTime; @@ -185,6 +186,16 @@ public String getState() { return state; } + public long getAuthorizationCodeValidityPeriod() { + + return authorizationCodeValidityPeriod; + } + + public void setAuthorizationCodeValidityPeriod(long authorizationCodeValidityPeriod) { + + this.authorizationCodeValidityPeriod = authorizationCodeValidityPeriod; + } + public long getUserAccessTokenExpiryTime() { return userAccessTokenExpiryTime; } diff --git a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java index 9ea61dcaa2f..c0e874221bb 100644 --- a/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java +++ b/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth/dto/OAuthConsumerAppDTO.java @@ -34,6 +34,7 @@ public class OAuthConsumerAppDTO { private boolean pkceSupportPlain; private boolean pkceMandatory; private String state; + private long authorizationCodeValidityPeriod; private long userAccessTokenExpiryTime; private long applicationAccessTokenExpiryTime; private long refreshTokenExpiryTime; 
@@ -51,6 +52,16 @@ public class OAuthConsumerAppDTO { private String tokenType; private String tokenBindingType; + public long getAuthorizationCodeValidityPeriod() { + + return authorizationCodeValidityPeriod; + } + + public void setAuthorizationCodeValidityPeriod(long authorizationCodeValidityPeriod) { + + this.authorizationCodeValidityPeriod = authorizationCodeValidityPeriod; + } + public long getUserAccessTokenExpiryTime() { return userAccessTokenExpiryTime; }