diff --git a/docs/configuration/metric-providers-external.rst b/docs/configuration/metric-providers-external.rst
index fe0502c31..f7fc5fa9c 100644
--- a/docs/configuration/metric-providers-external.rst
+++ b/docs/configuration/metric-providers-external.rst
@@ -55,6 +55,17 @@ Authentication
         prometheus_auth: "Bearer YOUR_TOKEN_HERE"
         alertmanager_auth: "Bearer YOUR_TOKEN_HERE"
 
+On some clusters, the pod service account token is used for Prometheus/Alertmanager authentication.
+To use this token add the following env var to the ``runner``:
+
+.. code-block:: yaml
+
+    runner:
+      additional_env_vars:
+        - name: PROMETHEUS_CLUSTER_TOKEN_AUTH
+          value: "true"
+
+
 **Basic Authentication**:
 
 .. code-block:: yaml
diff --git a/docs/configuration/metric-providers-in-cluster.rst b/docs/configuration/metric-providers-in-cluster.rst
index 8bfc269ad..e3745214e 100644
--- a/docs/configuration/metric-providers-in-cluster.rst
+++ b/docs/configuration/metric-providers-in-cluster.rst
@@ -92,6 +92,16 @@ If Prometheus and/or AlertManager require authentication, add the following:
 
 These settings may be configured independently.
 
+On some clusters, the pod service account token is used for Prometheus/Alertmanager authentication.
+To use this token add the following env var to the ``runner``:
+
+.. code-block:: yaml
+
+    runner:
+      additional_env_vars:
+        - name: PROMETHEUS_CLUSTER_TOKEN_AUTH
+          value: "true"
+
 SSL Verification
 ^^^^^^^^^^^^^^^^
 
diff --git a/src/robusta/core/model/env_vars.py b/src/robusta/core/model/env_vars.py
index cab7f595e..8c45ff7a7 100644
--- a/src/robusta/core/model/env_vars.py
+++ b/src/robusta/core/model/env_vars.py
@@ -114,6 +114,8 @@ def load_bool(env_var, default: bool):
 CLUSTER_DOMAIN = os.environ.get("CLUSTER_DOMAIN", "cluster.local")
 
 IS_OPENSHIFT = load_bool("IS_OPENSHIFT", False)
+PROMETHEUS_CLUSTER_TOKEN_AUTH = load_bool("PROMETHEUS_CLUSTER_TOKEN_AUTH", False)
+
 OPENSHIFT_GROUPS = load_bool("OPENSHIFT_GROUPS", False)
 
 ENABLE_GRAPH_BLOCK = load_bool("ENABLE_GRAPH_BLOCK", True)
diff --git a/src/robusta/integrations/openshift/token.py b/src/robusta/integrations/openshift/token.py
index 6bf1eb940..2021846c3 100644
--- a/src/robusta/integrations/openshift/token.py
+++ b/src/robusta/integrations/openshift/token.py
@@ -1,13 +1,13 @@
 from typing import Optional
 
-from robusta.core.model.env_vars import IS_OPENSHIFT
+from robusta.core.model.env_vars import IS_OPENSHIFT, PROMETHEUS_CLUSTER_TOKEN_AUTH
 
 # NOTE: This one will be mounted if openshift is enabled in values.yaml
 TOKEN_LOCATION = '/var/run/secrets/kubernetes.io/serviceaccount/token'
 
 
 def load_token() -> Optional[str]:
-    if not IS_OPENSHIFT:
+    if not (IS_OPENSHIFT or PROMETHEUS_CLUSTER_TOKEN_AUTH):
         return None
 
     try: