diff --git a/adjutant/api/v1/tests/test_api_admin.py b/adjutant/api/v1/tests/test_api_admin.py
index 21f5c82..c177611 100644
--- a/adjutant/api/v1/tests/test_api_admin.py
+++ b/adjutant/api/v1/tests/test_api_admin.py
@@ -625,6 +625,51 @@ class AdminAPITests(APITestCase):
 response = self.client.post(url, data, format='json')
 self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
 
+ def test_reapprove_task_delete_tokens(self):
+ """
+ Tests that a reapproved task will delete all of it's previous tokens.
+ """
+
+ setup_temp_cache({}, {})
+
+ url = "/v1/actions/CreateProject"
+ data = {'project_name': "test_project", 'email': "test@example.com"}
+ response = self.client.post(url, data, format='json')
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+ headers = {
+ 'project_name': "test_project",
+ 'project_id': "test_project_id",
+ 'roles': "admin,_member_",
+ 'username': "test@example.com",
+ 'user_id': "test_user_id",
+ 'authenticated': True
+ }
+ new_task = Task.objects.all()[0]
+ url = "/v1/tasks/" + new_task.uuid
+ response = self.client.post(url, {'approved': True}, format='json',
+ headers=headers)
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+ self.assertEqual(len(Token.objects.all()), 1)
+
+ new_token = Token.objects.all()[0]
+ url = "/v1/tokens/" + new_token.token
+ response = self.client.get(url, format='json')
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+ # Reapprove
+ url = "/v1/tasks/" + new_task.uuid
+ response = self.client.post(url, {'approved': True}, format='json',
+ headers=headers)
+ self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+ # Old token no longer found
+ url = "/v1/tokens/" + new_token.token
+ response = self.client.get(url, format='json')
+ self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+
+ self.assertEqual(len(Token.objects.all()), 1)
+
 def test_task_update_unapprove(self):
 """
 Ensure task update doesn't work for approved actions.
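Review bot: The new test only shows indirectly that a fresh token replaced the old one (404 on the old value plus a count of 1); the property the change is meant to guarantee is that the surviving token is not the one that was already handed out, so it is worth asserting that directly after the final count check, e.g. `self.assertNotEqual(Token.objects.all()[0].token, new_token.token)`. `len(Token.objects.all())` loads every row to count them; `Token.objects.count()` states the intent and does the counting in the database. The docstring has a typo ("it's" should be "its"), and `Token.objects.all()[0]` on an unordered queryset is only unambiguous because the test asserts exactly one row exists first, which is fine here but worth keeping in mind if the test grows.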
diff --git a/adjutant/api/v1/views.py b/adjutant/api/v1/views.py
index b4a998b..e000472 100644
--- a/adjutant/api/v1/views.py
+++ b/adjutant/api/v1/views.py
@@ -386,6 +386,10 @@ class TaskDetail(APIViewWithLogger):
 'Update data and rerun pre_approve.']}, status=400)
 
+ if task.approved:
+ # Expire previously in use tokens
+ Token.objects.filter(task=task.uuid).delete()
+
 # We approve the task before running actions,
 # that way if something goes wrong we know if it was approved,
 # when it was approved, and who approved it last. Subsequent
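Review bot: The added comment says "Expire" but `Token.objects.filter(task=task.uuid).delete()` permanently removes the rows, which is the stronger and safer behaviour for a re-approval since any copy of the earlier token in transit or in a mailbox stops working immediately; the comment should say so, e.g. `# Invalidate every token issued by the previous approval so only the token issued by this approval is usable`. Because a token deletion is a security-relevant state change, it would also help incident review to record how many were removed, `count, _ = Token.objects.filter(task=task.uuid).delete()`, and log that count through whatever logger APIViewWithLogger provides (its name is not visible in this hunk). The deletion happens before the actions are re-run, so if the re-run fails the old tokens are already gone; that is the fail-closed outcome, but the comment block below should note it is intentional. The enclosing method starts and ends outside the hunk.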