diff --git a/charts/eks-pod-identity-agent/templates/serviceaccount.yaml b/charts/eks-pod-identity-agent/templates/serviceaccount.yaml
index 6c3d651..1a69c8f 100644
--- a/charts/eks-pod-identity-agent/templates/serviceaccount.yaml
+++ b/charts/eks-pod-identity-agent/templates/serviceaccount.yaml
@@ -20,6 +20,11 @@ rules:
   resources: ["serviceaccounts"]
   verbs: {{ .Values.irsa.cluster_role.permissions.serviceaccounts.verbs }}
 {{- end }}
+{{- if .Values.irsa.cluster_role.permissions.tokenreviews.verbs }}
+- apiGroups: [""]
+  resources: ["tokenreviews"]
+  verbs: {{ .Values.irsa.cluster_role.permissions.tokenreviews.verbs }}
+{{- end }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
diff --git a/charts/eks-pod-identity-agent/values.yaml b/charts/eks-pod-identity-agent/values.yaml
index 9bce157..89fe10a 100644
--- a/charts/eks-pod-identity-agent/values.yaml
+++ b/charts/eks-pod-identity-agent/values.yaml
@@ -107,3 +107,5 @@ irsa:
     permissions:
       serviceaccounts:
         verbs: ["get"]
+      tokenreviews:
+        verbs: ["create"]