diff --git a/sdk/core/azure-core/CHANGELOG.md b/sdk/core/azure-core/CHANGELOG.md
index 68a2d7873..f11ea3981 100644
--- a/sdk/core/azure-core/CHANGELOG.md
+++ b/sdk/core/azure-core/CHANGELOG.md
@@ -2,6 +2,9 @@
 
 ## 1.0.0-beta.6 (Unreleased)
 
+### Bug Fixes
+
+- Fixed computation of the token expiration time in `BearerTokenAuthenticationPolicy`.
 
 ## 1.0.0-beta.5 (2021-02-02)
 
diff --git a/sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp b/sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp
index c47ba0aa5..943811fbb 100644
--- a/sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp
+++ b/sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp
@@ -17,7 +17,7 @@ std::unique_ptr<RawResponse> BearerTokenAuthenticationPolicy::Send(
     std::lock_guard<std::mutex> lock(m_accessTokenMutex);
 
     // Refresh the token in 2 or less minutes before the actual expiration.
-    if ((std::chrono::system_clock::now() - std::chrono::minutes(2)) > m_accessToken.ExpiresOn)
+    if (std::chrono::system_clock::now() > (m_accessToken.ExpiresOn - std::chrono::minutes(2)))
     {
       m_accessToken = m_credential->GetToken(context, m_tokenRequestOptions);
     }