diff --git a/pkg/app/run.go b/pkg/app/run.go
index 2375c5500..947bdd90e 100644
--- a/pkg/app/run.go
+++ b/pkg/app/run.go
@@ -541,7 +541,11 @@ func checkTokenExpirationWarning(data *global.Data, commandName string) {
 
 	summary := authcmd.ExpirationSummary(status, expires, time.Now())
 	remediation := authcmd.ExpirationRemediation(at.Type)
-	text.Warning(data.Output, "Your active token %s. %s\n", summary, remediation)
+	label := ""
+	if at.RefreshExpiresAt != "" {
+		label = "session "
+	}
+	text.Warning(data.Output, "Your active token %s%s. %s\n", label, summary, remediation)
 }
 
 // isAuthRelatedCommand reports whether commandName belongs to an auth-related
diff --git a/pkg/commands/auth/expiry.go b/pkg/commands/auth/expiry.go
index 989aa7069..0a95d3699 100644
--- a/pkg/commands/auth/expiry.go
+++ b/pkg/commands/auth/expiry.go
@@ -74,6 +74,10 @@ func staticExpirationStatus(at *config.AuthToken, now time.Time) (ExpirationStat
 // RefreshExpiresAt (the user-actionable deadline) and falls back to
 // AccessExpiresAt when refresh info is missing or malformed.
 func ssoExpirationStatus(at *config.AuthToken, now time.Time) (ExpirationStatus, time.Time, error) {
+	if at.RefreshToken != "" && at.RefreshExpiresAt == "" {
+		return StatusNoExpiry, time.Time{}, nil
+	}
+
 	if at.RefreshExpiresAt != "" {
 		expires, err := time.Parse(time.RFC3339, at.RefreshExpiresAt)
 		if err == nil {
diff --git a/pkg/commands/auth/list.go b/pkg/commands/auth/list.go
index 5aeb865fe..67189fede 100644
--- a/pkg/commands/auth/list.go
+++ b/pkg/commands/auth/list.go
@@ -53,13 +53,19 @@ func (c *ListCommand) Exec(_ io.Reader, out io.Writer) error {
 			if err != nil && c.Globals.ErrLog != nil {
 				c.Globals.ErrLog.Add(err)
 			}
+
+			label := ""
+			if entry.RefreshExpiresAt != "" {
+				label = "session "
+			}
+
 			switch status {
 			case StatusExpiringSoon:
 				summary := ExpirationSummary(status, expires, now)
-				expiryStr = " " + text.BoldYellow(fmt.Sprintf("[%s]", summary))
+				expiryStr = " " + text.BoldYellow(fmt.Sprintf("[%s%s]", label, summary))
 			case StatusExpired:
 				summary := ExpirationSummary(status, expires, now)
-				expiryStr = " " + text.BoldRed(fmt.Sprintf("[%s]", summary))
+				expiryStr = " " + text.BoldRed(fmt.Sprintf("[%s%s]", label, summary))
 			case StatusOK, StatusNoExpiry, StatusNeedsReauth:
 			}
 		}