diff --git a/swh/web/auth/backends.py b/swh/web/auth/backends.py
--- a/swh/web/auth/backends.py
+++ b/swh/web/auth/backends.py
@@ -71,7 +71,7 @@
 user = _oidc_user_from_decoded_token(decoded_token)
 # get authentication init datetime
- auth_datetime = datetime.fromtimestamp(decoded_token["auth_time"])
+ auth_datetime = datetime.fromtimestamp(decoded_token["iat"])
 exp_datetime = datetime.fromtimestamp(decoded_token["exp"])
 # compute OIDC tokens expiration date
diff --git a/swh/web/tests/auth/keycloak_mock.py b/swh/web/tests/auth/keycloak_mock.py
--- a/swh/web/tests/auth/keycloak_mock.py
+++ b/swh/web/tests/auth/keycloak_mock.py
@@ -90,13 +90,13 @@
 options["verify_exp"] = False
 decoded = super().decode_token(token, options)
 # tweak auth and exp time for tests
- expire_in = decoded["exp"] - decoded["auth_time"]
+ expire_in = decoded["exp"] - decoded["iat"]
 if self.exp is not None:
 decoded["exp"] = self.exp
- decoded["auth_time"] = self.exp - expire_in
+ decoded["iat"] = self.exp - expire_in
 else:
- decoded["auth_time"] = int(timezone.now().timestamp())
- decoded["exp"] = decoded["auth_time"] + expire_in
+ decoded["iat"] = int(timezone.now().timestamp())
+ decoded["exp"] = decoded["iat"] + expire_in
 decoded["groups"] = self.user_groups
 if self.user_permissions:
 decoded["resource_access"][self.client_id] = {
diff --git a/swh/web/tests/auth/sample_data.py b/swh/web/tests/auth/sample_data.py
--- a/swh/web/tests/auth/sample_data.py
+++ b/swh/web/tests/auth/sample_data.py
@@ -19,7 +19,7 @@
 # {'acr': '1',
 # 'allowed-origins': ['*'],
 # 'aud': ['swh-web', 'account'],
- # 'auth_time': 1592395601,
+ # 'auth_time': 1582723101,
 # 'azp': 'swh-web',
 # 'email': 'john.doe@example.com',
 # 'email_verified': False,
@@ -27,7 +27,7 @@
 # 'family_name': 'Doe',
 # 'given_name': 'John',
 # 'groups': ['/staff'],
- # 'iat': 1582723101,
+ # 'iat': 1592395601,
 # 'iss': 'http://localhost:8080/auth/realms/SoftwareHeritage',
 # 'jti': '31fc50b7-bbe5-4f51-91ef-8e3eec51331e',
 # 'name': 'John Doe',
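Review bot: The comment `# get authentication init datetime` and the name `auth_datetime` no longer match the value, which after this change is the token's issue time (`iat`) rather than the user's login time (`auth_time`). `iat` is renewed whenever tokens are refreshed while `auth_time` stays at the original login, so a reader who trusts the name could reuse this value for a session-age or re-authentication check and end up with a window that keeps sliding forward. I would change the comment to `# token issue time (iat): expirations below are relative to issuance, not to the user's login (auth_time)` and consider renaming the local to `issued_datetime`. The enclosing function starts and ends outside this hunk, so how the value is used further down is not visible here.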
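Review bot: The comment `# tweak auth and exp time for tests` in keycloak_mock.py is stale, because the mock now rewrites `iat` and `exp` and leaves `auth_time` at whatever the sample token carries. When `self.exp` is set, the computed `iat` can end up earlier than the untouched `auth_time`, an ordering a real provider would not normally produce; that is harmless only as long as no code under test reads `auth_time`. I would reword the comment to `# shift iat and exp for tests; auth_time keeps the sample token's value`. The method containing these lines begins and ends outside the hunk.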
diff --git a/swh/web/tests/auth/test_backends.py b/swh/web/tests/auth/test_backends.py
--- a/swh/web/tests/auth/test_backends.py
+++ b/swh/web/tests/auth/test_backends.py
@@ -60,7 +60,7 @@
 decoded_token = kc_oidc_mock.decode_token(user.access_token)
 _check_authenticated_user(user, decoded_token, kc_oidc_mock)
- auth_datetime = datetime.fromtimestamp(decoded_token["auth_time"])
+ auth_datetime = datetime.fromtimestamp(decoded_token["iat"])
 exp_datetime = datetime.fromtimestamp(decoded_token["exp"])
 refresh_exp_datetime = auth_datetime + timedelta(
 seconds=oidc_profile["refresh_expires_in"]
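Review bot: `datetime.fromtimestamp(decoded_token["iat"])` is called without a `tz` argument, so it returns a naive datetime in the host's local zone; the backends.py hunk derives the token expirations from the same call. If those values are later evaluated across a DST change, the expiry can be off by the zone shift, and comparing them with an aware value raises `TypeError`; whether either happens depends on code outside these hunks. Passing an explicit zone in both places, for example `datetime.fromtimestamp(decoded_token["iat"], tz=timezone.utc)` using `datetime.timezone`, would remove the ambiguity, provided the consumers expect aware values. The test builds its expected value with the same expression as the backend, so it would not catch a conversion mistake shared by both. The test function starts outside the hunk and the `timedelta(` call continues past it.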