diff --git a/runzero/client/_http/auth.py b/runzero/client/_http/auth.py
index cb138f1..8aa458a 100644
--- a/runzero/client/_http/auth.py
+++ b/runzero/client/_http/auth.py
@@ -27,8 +27,8 @@ def is_expired(self) -> bool:
 
         :returns: Returns a bool of whether the token is expired or about to
         """
-        delta = self.created_at - datetime.now()
-        return not delta.total_seconds() <= (self.expires_in + 60)
+        delta = datetime.now() - self.created_at
+        return delta.total_seconds() >= (self.expires_in - 60)
 
 
 class BearerToken(AuthBase):