diff --git a/src/Http/Authentication.Abstractions/src/PublicAPI.Unshipped.txt b/src/Http/Authentication.Abstractions/src/PublicAPI.Unshipped.txt
index 7dc5c58110bf..5bd5a8896c0b 100644
--- a/src/Http/Authentication.Abstractions/src/PublicAPI.Unshipped.txt
+++ b/src/Http/Authentication.Abstractions/src/PublicAPI.Unshipped.txt
@@ -1 +1,3 @@
 #nullable enable
+*REMOVED*static Microsoft.AspNetCore.Authentication.AuthenticationTokenExtensions.UpdateTokenValue(this Microsoft.AspNetCore.Authentication.AuthenticationProperties! properties, string! tokenName, string! tokenValue) -> bool
+static Microsoft.AspNetCore.Authentication.AuthenticationTokenExtensions.UpdateTokenValue(this Microsoft.AspNetCore.Authentication.AuthenticationProperties! properties, string! tokenName, string? tokenValue) -> bool
diff --git a/src/Http/Authentication.Abstractions/src/TokenExtensions.cs b/src/Http/Authentication.Abstractions/src/TokenExtensions.cs
index 5e91c64d7094..68f578586fab 100644
--- a/src/Http/Authentication.Abstractions/src/TokenExtensions.cs
+++ b/src/Http/Authentication.Abstractions/src/TokenExtensions.cs
@@ -71,9 +71,9 @@ public static void StoreTokens(this AuthenticationProperties properties, IEnumer
     /// </summary>
     /// <param name="properties">The <see cref="AuthenticationProperties"/> to update.</param>
     /// <param name="tokenName">The token name.</param>
-    /// <param name="tokenValue">The token value.</param>
+    /// <param name="tokenValue">The token value. May be <c>null</c>.</param>
     /// <returns><see langword="true"/> if the token was updated, otherwise <see langword="false"/>.</returns>
-    public static bool UpdateTokenValue(this AuthenticationProperties properties, string tokenName, string tokenValue)
+    public static bool UpdateTokenValue(this AuthenticationProperties properties, string tokenName, string? tokenValue)
     {
         ArgumentNullException.ThrowIfNull(properties);
         ArgumentNullException.ThrowIfNull(tokenName);
diff --git a/src/Http/Authentication.Core/test/TokenExtensionTests.cs b/src/Http/Authentication.Core/test/TokenExtensionTests.cs
index 98c1558ae9e7..1a1325d27cdc 100644
--- a/src/Http/Authentication.Core/test/TokenExtensionTests.cs
+++ b/src/Http/Authentication.Core/test/TokenExtensionTests.cs
@@ -149,6 +149,22 @@ public async Task GetTokenWorksWithExplicitScheme()
         Assert.Equal("3", await context.GetTokenAsync("simple", "Three"));
     }
 
+    [Fact]
+    public void UpdateTokenValueWorksWithNullGetTokenValueResult()
+    {
+        var sourceProperties = new AuthenticationProperties();
+        var targetProperties = new AuthenticationProperties();
+
+        var tokens = new List<AuthenticationToken>
+        {
+            new AuthenticationToken { Name = "refresh_token", Value = "refresh_value" }
+        };
+
+        targetProperties.StoreTokens(tokens);
+        targetProperties.UpdateTokenValue("refresh_token", sourceProperties.GetTokenValue("refresh_token"));
+        Assert.Null(targetProperties.GetTokenValue("refresh_token"));
+    }
+
     private class SimpleAuth : IAuthenticationHandler
     {
         public Task<AuthenticateResult> AuthenticateAsync()