diff --git a/pkg/grpc/session/session.go b/pkg/grpc/session/session.go
index fdd0b43e5..bb9cdf00a 100644
--- a/pkg/grpc/session/session.go
+++ b/pkg/grpc/session/session.go
@@ -116,7 +116,6 @@ func (x *Session) Validate() error {
 	for name, expiresAt := range map[string]*timestamppb.Timestamp{
 		"session":      x.GetExpiresAt(),
 		"access_token": x.GetOauthToken().GetExpiresAt(),
-		"id_token":     x.GetIdToken().GetExpiresAt(),
 	} {
 		if expiresAt.AsTime().Year() > 1970 && now.After(expiresAt.AsTime()) {
 			return fmt.Errorf("%w: %s expired at %s", ErrSessionExpired, name, expiresAt.AsTime())
diff --git a/pkg/grpc/session/session_test.go b/pkg/grpc/session/session_test.go
index e9e97892c..68859d973 100644
--- a/pkg/grpc/session/session_test.go
+++ b/pkg/grpc/session/session_test.go
@@ -181,8 +181,9 @@ func TestSession_Validate(t *testing.T) {
 	}{
 		{"valid", &Session{}, nil},
 		{"expired", &Session{ExpiresAt: t0}, ErrSessionExpired},
-		{"expired id token", &Session{IdToken: &IDToken{ExpiresAt: t0}}, ErrSessionExpired},
 		{"expired oauth token", &Session{OauthToken: &OAuthToken{ExpiresAt: t0}}, ErrSessionExpired},
+		// Expiry of the ID token does not indicate expiry of the underlying session.
+		{"expired id token ok", &Session{IdToken: &IDToken{ExpiresAt: t0}}, nil},
 	} {
 		tc := tc
 		t.Run(tc.name, func(t *testing.T) {