diff --git a/zerver/views/upload.py b/zerver/views/upload.py
index 9c01f343be..069c88e2e3 100644
--- a/zerver/views/upload.py
+++ b/zerver/views/upload.py
@@ -208,7 +208,9 @@ def get_file_path_id_from_token(token: str) -> Optional[str]:
 signer = TimestampSigner(salt=USER_UPLOADS_ACCESS_TOKEN_SALT)
 try:
 signed_data = base64.b16decode(token).decode()
- path_id = signer.unsign(signed_data, max_age=timedelta(seconds=60))
+ path_id = signer.unsign(
+ signed_data, max_age=timedelta(seconds=settings.SIGNED_ACCESS_TOKEN_VALIDITY_IN_SECONDS)
+ )
 except (BadSignature, binascii.Error):
 return None
diff --git a/zproject/default_settings.py b/zproject/default_settings.py
index d54a841eed..d935bc5639 100644
--- a/zproject/default_settings.py
+++ b/zproject/default_settings.py
@@ -608,3 +608,7 @@ MAX_STREAM_SIZE_FOR_TYPING_NOTIFICATIONS = 100
 # installations with thousands of users with many guests limited in
 # this way, pending further optimization of the relevant code paths.
 CAN_ACCESS_ALL_USERS_GROUP_LIMITS_PRESENCE = False
+
+# General expiry time for signed tokens we may generate
+# in some places through the codebase.
+SIGNED_ACCESS_TOKEN_VALIDITY_IN_SECONDS = 60
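Review bot: The expiry window on the new `max_age=` line is now a deployment-tunable setting, but nothing at the call site records that this check is what bounds how long a leaked upload URL stays usable; I would put a comment above the `path_id = signer.unsign(` line, e.g. `# SignatureExpired is a BadSignature subclass, so expired tokens fall into the except below;` / `# raising SIGNED_ACCESS_TOKEN_VALIDITY_IN_SECONDS widens the window in which a leaked URL still grants access.` The new line also assumes `settings` (django.conf) is already imported in this module; the import block is outside the hunk, so that is worth confirming. Separately and pre-existing, the `.decode()` on the context line above can raise `UnicodeDecodeError` for a token whose decoded bytes are not valid UTF-8, which the `except (BadSignature, binascii.Error)` clause does not catch, so a malformed token would surface as a server error rather than the `None` return. The rest of get_file_path_id_from_token, including its success-path return, continues past the hunk.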
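Review bot: The comment on the new `SIGNED_ACCESS_TOKEN_VALIDITY_IN_SECONDS` setting says only that it is a "general" expiry time, which does not tell an administrator what the tokens grant or why raising the value matters; within this commit its only consumer is the upload-URL check in zerver/views/upload.py. I would replace the two added comment lines with `# Lifetime of the signed tokens embedded in time-limited URLs (currently the` / `# user-upload access check in zerver/views/upload.py). A larger value keeps a` / `# leaked URL usable for longer; it must be a positive number of seconds.`. The positivity note matters because, as far as the `timedelta(seconds=...)` usage in the other hunk suggests, a value of 0 would reject every token as expired and silently break downloads rather than fail loudly at startup.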