diff --git a/src/agent/credentials/default-credential-manager.ts b/src/agent/credentials/default-credential-manager.ts
index 2d518d6..dc5f90e 100644
--- a/src/agent/credentials/default-credential-manager.ts
+++ b/src/agent/credentials/default-credential-manager.ts
@@ -54,12 +54,12 @@ export class DefaultAccountCredentialManager implements AccountCredentialManager
       const parsed = JSON.parse(raw);
       const oauth = parsed.claudeAiOauth;
 
-      if (!oauth || !oauth.accessToken || !oauth.refreshToken) return null;
+      if (!oauth || !oauth.accessToken) return null;
 
       return {
         accessToken: oauth.accessToken,
-        refreshToken: oauth.refreshToken,
-        expiresAt: oauth.expiresAt,
+        refreshToken: oauth.refreshToken ?? null,
+        expiresAt: oauth.expiresAt ?? null,
         subscriptionType: oauth.subscriptionType ?? null,
         rateLimitTier: oauth.rateLimitTier ?? null,
       };
@@ -72,6 +72,7 @@ export class DefaultAccountCredentialManager implements AccountCredentialManager
    * Check if credentials are expired or about to expire.
    */
   isExpired(credentials: OAuthCredentials): boolean {
+    if (!credentials.expiresAt) return false; // Setup tokens without expiry are treated as non-expired
     return credentials.expiresAt < Date.now() + TOKEN_REFRESH_BUFFER_MS;
   }