diff --git a/lakekeeper/justfile b/lakekeeper/justfile
index 9a3842a..3b97c42 100644
--- a/lakekeeper/justfile
+++ b/lakekeeper/justfile
@@ -116,7 +116,8 @@ create-oidc-client:
             realm=${KEYCLOAK_REALM} \
             client_id=lakekeeper \
             redirect_url="https://${LAKEKEEPER_HOST}/ui/callback" \
-            post_logout_redirect_uris="https://${LAKEKEEPER_HOST}/ui/logout,https://${LAKEKEEPER_HOST}/ui/,https://${LAKEKEEPER_HOST}/"
+            post_logout_redirect_uris="https://${LAKEKEEPER_HOST}/ui/logout,https://${LAKEKEEPER_HOST}/ui/,https://${LAKEKEEPER_HOST}/" \
+            access_token_lifespan="43200"
     fi
 
     # Add audience mapper to include 'lakekeeper' in JWT audience
diff --git a/lakekeeper/lakekeeper-values.gomplate.yaml b/lakekeeper/lakekeeper-values.gomplate.yaml
index 353a6ff..f14d976 100644
--- a/lakekeeper/lakekeeper-values.gomplate.yaml
+++ b/lakekeeper/lakekeeper-values.gomplate.yaml
@@ -11,7 +11,7 @@ catalog:
     LAKEKEEPER__OPENID_PROVIDER_URI: "https://{{ .Env.KEYCLOAK_HOST }}/realms/{{ .Env.KEYCLOAK_REALM }}"
     LAKEKEEPER__OPENID_AUDIENCE: "lakekeeper"
     LAKEKEEPER__UI__OPENID_CLIENT_ID: "lakekeeper"
-    LAKEKEEPER__UI__OPENID_SCOPE: "openid profile email"
+    LAKEKEEPER__UI__OPENID_SCOPE: "openid profile lakekeeper"
 
   # Secret management configuration
   secrets: