diff --git a/test/conformance/testdata/conformance.yaml b/test/conformance/testdata/conformance.yaml
index 6297f62a917..869cc88f129 100755
--- a/test/conformance/testdata/conformance.yaml
+++ b/test/conformance/testdata/conformance.yaml
@@ -1351,6 +1351,13 @@
     resource must support get, update, patch.'
   release: v1.19
   file: test/e2e/auth/certificates.go
+- testname: OIDC Discovery (ServiceAccountIssuerDiscovery)
+  codename: '[sig-auth] ServiceAccounts ServiceAccountIssuerDiscovery should support
+    OIDC discovery of service account issuer [Conformance]'
+  description: Ensure kube-apiserver serves correct OIDC discovery endpoints by deploying
+    a Pod that verifies its own token against these endpoints.
+  release: v1.21
+  file: test/e2e/auth/service_accounts.go
 - testname: Service account tokens auto mount optionally
   codename: '[sig-auth] ServiceAccounts should allow opting out of API token automount  [Conformance]'
   description: Ensure that Service Account keys are mounted into the Pod only when
diff --git a/test/e2e/auth/service_accounts.go b/test/e2e/auth/service_accounts.go
index 8e20b568c12..b56745466ae 100644
--- a/test/e2e/auth/service_accounts.go
+++ b/test/e2e/auth/service_accounts.go
@@ -673,7 +673,15 @@ var _ = SIGDescribe("ServiceAccounts", func() {
 		}
 	})
 
-	ginkgo.It("ServiceAccountIssuerDiscovery should support OIDC discovery of service account issuer", func() {
+	/*
+	   Release: v1.21
+	   Testname: OIDC Discovery (ServiceAccountIssuerDiscovery)
+	   Description: Ensure kube-apiserver serves correct OIDC discovery
+	   endpoints by deploying a Pod that verifies its own
+	   token against these endpoints.
+	*/
+	framework.ConformanceIt("ServiceAccountIssuerDiscovery should support OIDC discovery of service account issuer", func() {
+
 		// Allow the test pod access to the OIDC discovery non-resource URLs.
 		// The role should have already been automatically created as part of the
 		// RBAC bootstrap policy, but not the role binding. If RBAC is disabled,