diff --git a/modules/sysadmin_guide/pages/odcs.adoc b/modules/sysadmin_guide/pages/odcs.adoc
index 7592c23..e24fe69 100644
--- a/modules/sysadmin_guide/pages/odcs.adoc
+++ b/modules/sysadmin_guide/pages/odcs.adoc
@@ -137,3 +137,27 @@ https://odcs.fedoraproject.org/composes/ by sorting by Last modified
 fields.
 * Decrease the *max_seconds_to_live* in ODCS configuration
 file.
+
+=== The OIDC token expires
+
+This will cause the cron job to fail on the backend. Tokens have a lifetime of one year, and should be therefore periodically regenerated.
+
+To regenerate the token, run the following command in the ansible repo:
+
+....
+scripts/generate-oidc-token odcs-prod -e 365 -s https://id.fedoraproject.org/scope/groups -s https://pagure.io/odcs/new-compose -s https://pagure.io/odcs/renew-compose -s https://pagure.io/odcs/delete-compose
+....
+
+Follow the instructions given by the script: run the SQL command on the Ipsilon database server:
+
+....
+ssh db-fas01.iad2.fedoraproject.org
+sudo -u postgres -i ipsilon
+ipsilon=# BEGIN;
+[...]
+ipsilon=# COMMIT;
+....
+
+Save the value of the token generated by the script in the ansible-private repo under `files/releng/production/releng-odcs-oidc-token`.
+
+Deploy the change by running the `playbooks/groups/odcs.yml` playbook.