diff --git a/src/azure_auth.ts b/src/azure_auth.ts
index 8fe7f139612..085c8bca37a 100644
--- a/src/azure_auth.ts
+++ b/src/azure_auth.ts
@@ -57,7 +57,8 @@ export class AzureAuth implements Authenticator {
             return false;
         }
 
-        const expiration = expiry ? Date.parse(expiry) : new Date(parseInt(expiresOn!, 10));
+        const expiresOnDate = expiresOn ? new Date(parseInt(expiresOn, 10) * 1000) : undefined;
+        const expiration = expiry ? Date.parse(expiry) : expiresOnDate!;
         if (expiration < Date.now()) {
             return true;
         }
diff --git a/src/azure_auth_test.ts b/src/azure_auth_test.ts
index 97a5d952323..39944a38deb 100644
--- a/src/azure_auth_test.ts
+++ b/src/azure_auth_test.ts
@@ -168,6 +168,25 @@ describe('AzureAuth', () => {
         return expect(config.applyToRequest(opts)).to.eventually.be.rejectedWith(/Failed to refresh token/);
     });
 
+    it('should exec when no cmd and token is not expired', async () => {
+        const config = new KubeConfig();
+        const expireOn = new Date().getTime() / 1000 + 1000;
+        config.loadFromClusterAndUser(
+            { skipTLSVerify: false } as Cluster,
+            {
+                authProvider: {
+                    name: 'azure',
+                    config: {
+                        'access-token': 'token',
+                        'expires-on': expireOn.toString(),
+                    },
+                },
+            } as User,
+        );
+        const opts = {} as requestlib.Options;
+        await config.applyToRequest(opts);
+    });
+
     it('should exec with expired token', async () => {
         // TODO: fix this test for Windows
         if (process.platform === 'win32') {