diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml
index 47efe59ec..7e279f7e5 100644
--- a/authentik/lib/default.yml
+++ b/authentik/lib/default.yml
@@ -99,9 +99,6 @@ ldap:
   tls:
     ciphers: null
 
-reputation:
-  expiry: 86400
-
 cookie_domain: null
 disable_update_check: false
 disable_startup_analytics: false
diff --git a/authentik/policies/reputation/models.py b/authentik/policies/reputation/models.py
index 723614f51..e11b69520 100644
--- a/authentik/policies/reputation/models.py
+++ b/authentik/policies/reputation/models.py
@@ -16,6 +16,7 @@ from authentik.lib.models import SerializerModel
 from authentik.lib.utils.http import get_client_ip
 from authentik.policies.models import Policy
 from authentik.policies.types import PolicyRequest, PolicyResult
+from authentik.tenants.utils import get_current_tenant
 
 LOGGER = get_logger()
 CACHE_KEY_PREFIX = "goauthentik.io/policies/reputation/scores/"
@@ -23,7 +24,7 @@ CACHE_KEY_PREFIX = "goauthentik.io/policies/reputation/scores/"
 
 def reputation_expiry():
     """Reputation expiry"""
-    return now() + timedelta(seconds=CONFIG.get_int("reputation.expiry"))
+    return now() + timedelta(seconds=get_current_tenant().reputation_expiry)
 
 
 class ReputationPolicy(Policy):
diff --git a/authentik/tenants/migrations/0001_initial.py b/authentik/tenants/migrations/0001_initial.py
index 67892e294..b3a029678 100644
--- a/authentik/tenants/migrations/0001_initial.py
+++ b/authentik/tenants/migrations/0001_initial.py
@@ -24,6 +24,7 @@ def create_default_tenant(apps, schema_editor):
         gdpr_compliance=CONFIG.get_bool("gdpr_compliance", True),
         impersonation=CONFIG.get_bool("impersonation", True),
         footer_links=CONFIG.get("footer_links", default=[]),
+        reputation_expiry=CONFIG.get_int("reputation_expiry", default=86400),
     )
 
     Domain = apps.get_model("authentik_tenants", "Domain")