diff --git a/test/suites/auth.sh b/test/suites/auth.sh
index 2f4daadf36ac..52e5b74fa6b0 100644
--- a/test/suites/auth.sh
+++ b/test/suites/auth.sh
@@ -102,6 +102,13 @@ test_authorization() {
   # The token was used, so the pending identity should be deleted.
   [ "$(lxc auth identity list --format csv | grep -cF 'pending')" = 0 ]
 
+  # Check token prune task works
+  lxc auth identity create tls/test-user2 --quiet
+  [ "$(lxc auth identity list --format csv | grep -cF 'pending')" = 1 ]
+  sleep 2 # Wait for token to expire (expiry is still set to 1 second)
+  lxc query --request POST /internal/testing/prune-tokens
+  [ "$(lxc auth identity list --format csv | grep -cF 'pending')" = 0 ]
+
   # Check users have been added to the group.
   tls_identity_fingerprint="$(cert_fingerprint "${LXD_CONF2}/client.crt")"
   lxc auth identity list --format csv | grep -Fq 'oidc,OIDC client," ",test-user@example.com,test-group'