diff --git a/cmd/secrets-store-csi-driver/main.go b/cmd/secrets-store-csi-driver/main.go
index 21c62ebe9..1d0c2a591 100644
--- a/cmd/secrets-store-csi-driver/main.go
+++ b/cmd/secrets-store-csi-driver/main.go
@@ -182,7 +182,7 @@ func main() {
 // token request client
 kubeClient := kubernetes.NewForConfigOrDie(cfg)
- tokenClient := k8s.NewTokenClient(kubeClient, *driverName)
+ tokenClient := k8s.NewTokenClient(kubeClient, *driverName, 10*time.Minute)
 if err != nil {
 klog.ErrorS(err, "failed to create token client")
 os.Exit(1)
diff --git a/pkg/k8s/token.go b/pkg/k8s/token.go
index 15decf8fe..a90d83cc1 100644
--- a/pkg/k8s/token.go
+++ b/pkg/k8s/token.go
@@ -44,11 +44,11 @@ type TokenClient struct {
 }
 // NewTokenClient creates a new TokenClient
-// The client will be used to request a token for the preconfigured audiences (--audiences) and expiration time.
-func NewTokenClient(kubeClient kubernetes.Interface, driverName string) *TokenClient {
+// The client will be used to request a token for token requests configured in the CSIDriver.
+func NewTokenClient(kubeClient kubernetes.Interface, driverName string, resyncPeriod time.Duration) *TokenClient {
 kubeInformerFactory := kubeinformers.NewFilteredSharedInformerFactory(
 kubeClient,
- time.Minute*10,
+ resyncPeriod,
 corev1.NamespaceAll,
 func(options *metav1.ListOptions) {
 options.FieldSelector = fmt.Sprintf("metadata.name=%s", driverName)
diff --git a/pkg/k8s/token_test.go b/pkg/k8s/token_test.go
index d813108d5..c705e09d6 100644
--- a/pkg/k8s/token_test.go
+++ b/pkg/k8s/token_test.go
@@ -105,7 +105,7 @@ func TestPodServiceAccountTokenAttrs(t *testing.T) {
 return true, tr, nil
 }))
- tokenClient := NewTokenClient(client, testDriver)
+ tokenClient := NewTokenClient(client, testDriver, 1*time.Second)
 _ = tokenClient.Run(wait.NeverStop)
 waitForInformerCacheSync()
diff --git a/pkg/rotation/reconciler_test.go b/pkg/rotation/reconciler_test.go
index c061ec0db..12d21d769 100644
--- a/pkg/rotation/reconciler_test.go
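Review bot: The `if err != nil` block directly after the updated `k8s.NewTokenClient(...)` call in cmd/secrets-store-csi-driver/main.go cannot report a token-client failure, because the constructor (see the pkg/k8s/token.go hunk) returns only `*TokenClient`. The `err` it tests is whatever an earlier statement in `main` left behind, and that part of `main` is outside the hunk. Drop the dead check, or make it meaningful by having the constructor return an error that is assigned here. The inline `10*time.Minute` would also be easier to audit as a named constant such as `const tokenInformerResync = 10 * time.Minute`, with a comment on why that interval was chosen.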
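Review bot: The new `resyncPeriod` parameter in pkg/k8s/token.go is handed to `NewFilteredSharedInformerFactory` unchecked, and the doc comment does not mention it. client-go treats a zero resync period as "never resync", so a caller passing the zero value gets different informer behaviour from the previous fixed `time.Minute*10`. Document this, e.g. `// resyncPeriod is the resync interval for the CSIDriver informer; 0 disables periodic resync.`, and consider rejecting negative durations before building the factory. The signature change also breaks any out-of-tree caller of this exported constructor, which deserves a release note. The function body continues past the end of the hunk.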
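Review bot: The result of `tokenClient.Run(wait.NeverStop)` on the line after the changed call in pkg/k8s/token_test.go is discarded with `_ =`, so a token client that fails to start lets the test continue and fail later for an unrelated-looking reason. Assuming `Run` returns an error, prefer `if err := tokenClient.Run(wait.NeverStop); err != nil { t.Fatal(err) }`. As a style point, `1*time.Second` here and at the call sites in pkg/rotation/reconciler_test.go and pkg/secrets-store/nodeserver_test.go can be written `time.Second`. The test function starts and ends outside the hunk.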
+++ b/pkg/rotation/reconciler_test.go
@@ -79,7 +79,7 @@ func newTestReconciler(client client.Reader, s *runtime.Scheme, kubeClient kuber
 crdClient: crdClient,
 cache: client,
 secretStore: secretStore,
- tokenClient: k8s.NewTokenClient(kubeClient, "test-driver"),
+ tokenClient: k8s.NewTokenClient(kubeClient, "test-driver", 1*time.Second),
 }, nil
 }
diff --git a/pkg/secrets-store/nodeserver_test.go b/pkg/secrets-store/nodeserver_test.go
index 9df0c3b44..40ec1c0f0 100644
--- a/pkg/secrets-store/nodeserver_test.go
+++ b/pkg/secrets-store/nodeserver_test.go
@@ -21,6 +21,7 @@ import (
 "os"
 "path/filepath"
 "testing"
+ "time"
 secretsstorev1 "sigs.k8s.io/secrets-store-csi-driver/apis/v1"
 "sigs.k8s.io/secrets-store-csi-driver/pkg/k8s"
@@ -42,7 +43,7 @@ import (
 func testNodeServer(t *testing.T, tmpDir string, mountPoints []mount.MountPoint, client client.Client, reporter StatsReporter) (*nodeServer, error) {
 t.Helper()
 providerClients := NewPluginClientBuilder(tmpDir)
- return newNodeServer(tmpDir, "testnode", mount.NewFakeMounter(mountPoints), providerClients, client, client, reporter, k8s.NewTokenClient(fakeclient.NewSimpleClientset(), "test-driver"))
+ return newNodeServer(tmpDir, "testnode", mount.NewFakeMounter(mountPoints), providerClients, client, client, reporter, k8s.NewTokenClient(fakeclient.NewSimpleClientset(), "test-driver", 1*time.Second))
 }
 func TestNodePublishVolume(t *testing.T) {