diff --git a/swh/auth/django/backends.py b/swh/auth/django/backends.py
--- a/swh/auth/django/backends.py
+++ b/swh/auth/django/backends.py
@@ -201,7 +201,10 @@
             raise ValidationError("Invalid bearer token")
         except KeycloakError as ke:
             error_msg = keycloak_error_message(ke)
-            if error_msg == "invalid_grant: Offline user session not found":
+            if error_msg in (
+                "invalid_grant: Offline session not active",
+                "invalid_grant: Offline user session not found",
+            ):
                 error_msg = (
                     "Bearer token expired after a long period of inactivity; "
                     "please generate a new one."
diff --git a/swh/auth/tests/django/test_drf_bearer_token_auth.py b/swh/auth/tests/django/test_drf_bearer_token_auth.py
--- a/swh/auth/tests/django/test_drf_bearer_token_auth.py
+++ b/swh/auth/tests/django/test_drf_bearer_token_auth.py
@@ -129,23 +129,25 @@
 
     api_client.credentials(HTTP_AUTHORIZATION=f"Bearer {refresh_token}")
 
-    kc_error_dict = {
-        "error": "invalid_grant",
-        "error_description": "Offline user session not found",
-    }
+    for kc_err_msg in ("Offline session not active", "Offline user session not found"):
 
-    keycloak_oidc.refresh_token.side_effect = KeycloakError(
-        error_message=json.dumps(kc_error_dict).encode(), response_code=400
-    )
+        kc_error_dict = {
+            "error": "invalid_grant",
+            "error_description": kc_err_msg,
+        }
 
-    response = api_client.get(url)
-    expected_error_msg = (
-        "Bearer token expired after a long period of inactivity; "
-        "please generate a new one."
-    )
+        keycloak_oidc.refresh_token.side_effect = KeycloakError(
+            error_message=json.dumps(kc_error_dict).encode(), response_code=400
+        )
 
-    assert response.status_code == 403
-    assert expected_error_msg in json.dumps(response.data)
+        response = api_client.get(url)
+        expected_error_msg = (
+            "Bearer token expired after a long period of inactivity; "
+            "please generate a new one."
+        )
 
-    request = response.wsgi_request
-    assert isinstance(request.user, AnonymousUser)
+        assert response.status_code == 403
+        assert expected_error_msg in json.dumps(response.data)
+
+        request = response.wsgi_request
+        assert isinstance(request.user, AnonymousUser)