diff --git a/src/Identity/IdentityServer/ApiClient.cs b/src/Identity/IdentityServer/ApiClient.cs
index d4eafe1d486e..1f29c5bc6d63 100644
--- a/src/Identity/IdentityServer/ApiClient.cs
+++ b/src/Identity/IdentityServer/ApiClient.cs
@@ -15,7 +15,7 @@ public ApiClient(
         ClientId = id;
         AllowedGrantTypes = new[] { GrantType.ResourceOwnerPassword, GrantType.AuthorizationCode, WebAuthnGrantValidator.GrantType };
         RefreshTokenExpiration = TokenExpiration.Sliding;
-        RefreshTokenUsage = TokenUsage.ReUse;
+        RefreshTokenUsage = TokenUsage.OneTimeOnly;
         SlidingRefreshTokenLifetime = 86400 * refreshTokenSlidingDays;
         AbsoluteRefreshTokenLifetime = 0; // forever
         UpdateAccessTokenClaimsOnRefresh = true;
diff --git a/src/Identity/IdentityServer/StaticClientStore.cs b/src/Identity/IdentityServer/StaticClientStore.cs
index 811880dde232..d589ab219e66 100644
--- a/src/Identity/IdentityServer/StaticClientStore.cs
+++ b/src/Identity/IdentityServer/StaticClientStore.cs
@@ -10,8 +10,8 @@ public StaticClientStore(GlobalSettings globalSettings)
     {
         ApiClients = new List<Client>
         {
-            new ApiClient(globalSettings, BitwardenClient.Mobile, 90, 1),
-            new ApiClient(globalSettings, BitwardenClient.Web, 30, 1),
+            new ApiClient(globalSettings, BitwardenClient.Mobile, 60, 1),
+            new ApiClient(globalSettings, BitwardenClient.Web, 7, 1),
             new ApiClient(globalSettings, BitwardenClient.Browser, 30, 1),
             new ApiClient(globalSettings, BitwardenClient.Desktop, 30, 1),
             new ApiClient(globalSettings, BitwardenClient.Cli, 30, 1),