diff --git a/src/OpenIddict.Server/OpenIddictServerExtensions.cs b/src/OpenIddict.Server/OpenIddictServerExtensions.cs
index b135c8b4..a6038ff9 100644
--- a/src/OpenIddict.Server/OpenIddictServerExtensions.cs
+++ b/src/OpenIddict.Server/OpenIddictServerExtensions.cs
@@ -74,8 +74,10 @@ namespace Microsoft.Extensions.DependencyInjection
             builder.Services.TryAddSingleton<RequireSlidingRefreshTokenExpirationEnabled>();
             builder.Services.TryAddSingleton<RequireScopePermissionsEnabled>();
             builder.Services.TryAddSingleton<RequireScopeValidationEnabled>();
-            builder.Services.TryAddSingleton<RequireTokenStorageEnabled>();
+            builder.Services.TryAddSingleton<RequireTokenEntryCreated>();
+            builder.Services.TryAddSingleton<RequireTokenPayloadPersisted>();
             builder.Services.TryAddSingleton<RequireTokenRequest>();
+            builder.Services.TryAddSingleton<RequireTokenStorageEnabled>();
             builder.Services.TryAddSingleton<RequireUserCodeGenerated>();
             builder.Services.TryAddSingleton<RequireUserCodeValidated>();
             builder.Services.TryAddSingleton<RequireUserinfoRequest>();
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlerFilters.cs b/src/OpenIddict.Server/OpenIddictServerHandlerFilters.cs
index 4166aadc..7d07f08e 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlerFilters.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlerFilters.cs
@@ -494,6 +494,38 @@ namespace OpenIddict.Server
             }
         }
 
+        /// <summary>
+        /// Represents a filter that excludes the associated handlers if no token entry is created in the database.
+        /// </summary>
+        public class RequireTokenEntryCreated : IOpenIddictServerHandlerFilter<GenerateTokenContext>
+        {
+            public ValueTask<bool> IsActiveAsync(GenerateTokenContext context)
+            {
+                if (context is null)
+                {
+                    throw new ArgumentNullException(nameof(context));
+                }
+
+                return new ValueTask<bool>(context.CreateTokenEntry);
+            }
+        }
+
+        /// <summary>
+        /// Represents a filter that excludes the associated handlers if the token payload is not persisted in the database.
+        /// </summary>
+        public class RequireTokenPayloadPersisted : IOpenIddictServerHandlerFilter<GenerateTokenContext>
+        {
+            public ValueTask<bool> IsActiveAsync(GenerateTokenContext context)
+            {
+                if (context is null)
+                {
+                    throw new ArgumentNullException(nameof(context));
+                }
+
+                return new ValueTask<bool>(context.PersistTokenPayload);
+            }
+        }
+
         /// <summary>
         /// Represents a filter that excludes the associated handlers if the request is not a token request.
         /// </summary>
diff --git a/src/OpenIddict.Server/OpenIddictServerHandlers.Protection.cs b/src/OpenIddict.Server/OpenIddictServerHandlers.Protection.cs
index 31267684..7b6adea3 100644
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Protection.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Protection.cs
@@ -1084,6 +1084,7 @@ namespace OpenIddict.Server
                     = OpenIddictServerHandlerDescriptor.CreateBuilder<GenerateTokenContext>()
                         .AddFilter<RequireDegradedModeDisabled>()
                         .AddFilter<RequireTokenStorageEnabled>()
+                        .AddFilter<RequireTokenEntryCreated>()
                         .UseScopedHandler<CreateTokenEntry>()
                         .SetOrder(AttachSecurityCredentials.Descriptor.Order + 1_000)
                         .SetType(OpenIddictServerHandlerType.BuiltIn)
@@ -1097,11 +1098,6 @@ namespace OpenIddict.Server
                         throw new ArgumentNullException(nameof(context));
                     }
 
-                    if (!context.CreateTokenEntry)
-                    {
-                        return;
-                    }
-
                     var descriptor = new OpenIddictTokenDescriptor
                     {
                         AuthorizationId = context.Principal.GetAuthorizationId(),
@@ -1305,6 +1301,7 @@ namespace OpenIddict.Server
                     = OpenIddictServerHandlerDescriptor.CreateBuilder<GenerateTokenContext>()
                         .AddFilter<RequireDegradedModeDisabled>()
                         .AddFilter<RequireTokenStorageEnabled>()
+                        .AddFilter<RequireTokenPayloadPersisted>()
                         .UseScopedHandler<ConvertReferenceToken>()
                         .SetOrder(GenerateIdentityModelToken.Descriptor.Order + 1_000)
                         .SetType(OpenIddictServerHandlerType.BuiltIn)
@@ -1318,11 +1315,6 @@ namespace OpenIddict.Server
                         throw new ArgumentNullException(nameof(context));
                     }
 
-                    if (!context.PersistTokenPayload)
-                    {
-                        return;
-                    }
-
                     var identifier = context.Principal.GetTokenId();
                     if (string.IsNullOrEmpty(identifier))
                     {